Recommended Resources

SCALING TRUST ON THE WEB

Scaling Trust on the Web, the comprehensive final report of the Task Force for a Trustworthy Future Web, maps systems-level dynamics and gaps that impact the trustworthiness and usefulness of online spaces. It highlights where existing approaches will not adequately meet future needs, particularly given emerging metaversal…

Recommended Resources

Preparing for New Incident Reporting Requirements

Mandatory cyber incident reporting is being extended to many more organizations. Those already subject to these regulations face new, more stringent, requirements. Engaging proactively with government agencies and your own incident response and legal partners will make mandatory incident reporting as frictionless as possible and allow you to derive maximum…

Recommended Resources

An Update on the State of the SEC’s Approach to Cyber Risk

This update follows the March 2021 State of Cyber-Risk Disclosures of Public Companies. Recent cyber-related comments and enforcement actions by the U.S. Securities and Exchange Commission made clear that the SEC has escalated its scrutiny of the cybersecurity disclosures of public companies, SEC registrants, and financial sector service providers.

Recommended Resources

Adjusting to a New Era in Ransomware Risk

Changes in ransomware business models, new government interventions in the market, and more expensive cyber insurance premiums, should drive an urgent review of cyber risk exposure and cyber security posture relative to ransomware. There had already been a steep increase in ransomware risk leading up to February 24th, 2022. Russia’s…

Recommended Resources

Institute for Security and Technology – Ransomware Task Force Report

Combating Ransomware A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, civil society, and international organizations who participated in the Ransomware Task Force (RTF),…

Recommended Resources

The State of Cyber-Risk Disclosures of Public Companies

The U.S. Securities and Exchange Commission (the “SEC,” or the “Commission”) has in recent years demanded greater transparency from public companies in how they identify, measure, and manage cyber-risk. In the wake of SolarWinds and the increased supply-chain security scrutiny in Washington DC, companies should be explaining to investors the…