The State of Cyber-Risk Disclosures of Public Companies

Home » Blog » The State of Cyber-Risk Disclosures of Public Companies
By Cyber Threat Alliance
March 2, 2021

The U.S. Securities and Exchange Commission (the “SEC,” or the “Commission”) has in recent years demanded greater transparency from public companies in how they identify, measure, and manage cyber-risk.

In the wake of SolarWinds and the increased supply-chain security scrutiny in Washington DC, companies should be explaining to investors the specific risks they face from cybersecurity threats, including, among others, operational disruption, intellectual property theft, loss of sensitive client data, and fraud caused by business email compromises.

SecurityScorecard, NACD, Cyber Threat Alliance, Diligent, and IHS Markit partnered to create The State of Cyber-Risk Disclosures of Public Companies report.

To download the report, visit: The State of Cyber-Risk Disclosures of Public… | SecurityScorecard

Author: Cyber Threat Alliance

Related

Systemic Cybersecurity Risk and role of the Global Community: Managing the Unmanageable

By Cyber Threat Alliance

Cyberattacks are frequently becoming ‘cyber events’ with systemic impact. How can governments and businesses respond?

Preparing for New Incident Reporting Requirements

By Cyber Threat Alliance

Mandatory cyber incident reporting is being extended to many more organizations. Those already subject to these regulations face new, more stringent, requirements. Engaging proactively with government agencies and your own incident response and legal partners will make mandatory incident reporting as frictionless as [...]

An Update on the State of the SEC’s Approach to Cyber Risk

By Cyber Threat Alliance

This update follows the March 2021 State of Cyber-Risk Disclosures of Public Companies. Recent cyber-related comments and enforcement actions by the U.S. Securities and Exchange Commission made clear that the SEC has escalated its scrutiny of the cybersecurity disclosures of [...]