From the daily barrage of cybersecurity headlines to the increased regulatory exposure caused by emerging risks to businesses and industries across the globe, how can directors arm themselves with the knowledge and skill to govern corporations through these risks?
The SEC is committed to working with federal and local partners, market participants and others to monitor developments and effectively respond to cyber threats. As companies face these evolving risks, how well do Boards truly understand the related operational risk, as well as the risk of data or asset loss? It only takes one headline to bring the reality home.
The time is now to address these risks. We recommend companies and boards consider the following:
- The SEC’s Spotlight on Cybersecurity at https://www.sec.gov/spotlight/cybersecurity.
- “Cybersecurity and Resiliency Observations” released January 2020 by the Office of Compliance Inspections and Examinations https://www.sec.gov/news/press-release/2020-20
- Commission statement and Guidance on public company cybersecurity disclosures https://www.sec.gov/rules/interp/2018/33-10459.pdf
- SEC Guidance for public companies https://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm
- Sign up for alerts published by the Cyber Infrastructure Security Agency (CISA)
The OCIE is encouraging market participants to review their practices, policies, and procedures with respect to cybersecurity and operational resiliency. Through a deeper understanding of preparedness and addressing existing gaps, implementing the recommended measures will make your organization more secure.
Schneider Downs cybersecurity experts stand ready to help companies protect themselves against these emerging threats to operations, continuity, and cash flows. Please visit https://schneiderdowns.com/cybersecurity for additional information