SEC Rulings around Cyber Security Disclosures

Delve into the new SEC rules on material cyber risk disclosures and annual reports!

In this video, Tom addresses new final rules from the SEC and what it means for senior management, including CISOs. Two questions that CRQ can help address concerning the SEC rules:

- What probable information security incidents are you exposed to?

- How do you determine if an organization is exposed to a material cyber risk?

‍

Tom Callaghan

Co-founder

Video description: SEC rulings around cyber security disclosures

‍

In this video, Tom Callaghan, a co-founder of C-Risk, delves into the new rules set by the Securities and Exchange Commission (SEC) on the reporting of cyber risk and material cyber incidents.

Discover how the understanding of materiality is crucial in the process of disclosing cybersecurity incidents. The SEC doesn't mandate the use of the Cyber Risk Quantification but qualitative and quantitative methods are used to assess the significance of these incidents. In addition, Tom discusses the importance of being proactive in the face of evolving regulations by understanding the specific risk scenarios your company faces.

Cyber risk management is a collective responsibility, and this video guides you through the basic steps to ensure regulatory compliance.

‍

Chapters:

00:00 - Introduction

00:16 - The new set of rules from the US Securities & Exchange Commission

00:56 - Materiality as a key word

01:27 - How do we determine if an organization is exposed to a material cyber security risk?02:05 - How to be proactive?

02:53 - Conclusion

‍

On the same topic: C-Risk content

Watch the webinar: "Adopting a risk-based approach to compliance and material disclosures"

‍

More about CRQ and C-Risk's activities:

If you liked this video, subscribe to our Youtube channel.