Cyber Risk Management Trend
The US SEC’s latest rulings on cybersecurity risk management, strategy, governance, and incident disclosures suggest that board members will be compelled to take a more active role in their organizations’ cyber risk management efforts. The increased transparency about the board’s role in cyber activities now holds them more accountable to investors.
Although, for now, the SEC removed its spain whatsapp number data explicit proposal that cyber expertise must be present in the boardroom, the recent regulations nevertheless generate momentum toward this requirement. Instead of subjecting U.S. corporations to this demand along with all of the other new regulations, the governing body will institute this particular obligation gradually. We should expect to see updates to their July ruling this year.
The EU more explicitly outlined corporate responsibility in their NIS2 Directive, warning that executives may be subject to suspension for failure to comply with the upgraded cybersecurity regulations. Most recently, Australian Securities and Investments Commission chairman Joe Longo warned boards of the penalties should they fail to make reasonable investments in cyber.