Enterprise Technologist | CxO CISO AWS, United States
Board reporting for CISOs is about to become more daunting than ever. The SEC recently unveiled rules that significantly raise liability for public companies operating in the United States. They demand stringent oversight of cyber risk governance and incident reporting, imposing stiff penalties on board directors and officers for violations. For astute CISOs, the changes present a remarkable opportunity. This session will analyze the SEC rule changes and, through the lens of a risk buy-down model, consider methods to meet SEC requirements. We’ll look at how to transform the spirit of the law into a powerful force that holistically reduces risk and elevates the role of the CISO.
Learning Objectives:
Describe the new SEC rules affecting board cybersecurity reporting.
Utilize a cybersecurity risk buy-down model to programmatically establish board risk appetite and drive down security risk.
Apply methods to leverage the new SEC rules to improve the security culture at your organization and elevate the role of the CISO.