The Cybersecurity Coalition unveiled this “Building a National Cybersecurity Strategy Voluntary Flexible Frameworks White Paper” at the inaugural CyberNext DC.
This paper begins with an overview of the cyber threat landscape. It is important to understand harmful consequences of cyberattacks as well as how the prevalence of new technologies, including the “Internet of Things,” has increased the number of opportunities for cyberattacks. The volume and diversity of cyber threats underscores the importance of developing a framework that is voluntary, flexible, and broadly adopted across organizations of all sizes, and stakeholders at all levels.
Understanding the challenges of effective cyber risk management, it is instructive to consider international models of a national cyber risk management framework to determine which practices have been successful. This paper examines the United States, Italy, the United Kingdom, and Australia as case studies that highlight the most critical components of an effective cybersecurity framework.
Read the White Paper here: CyberNextDC Voluntary, Flexible Frameworks White Paper (cybersecuritycoalition.org)
Author: Cyber Threat Alliance
An Update on the State of the SEC’s Approach to Cyber Risk
This update follows the March 2021 State of Cyber-Risk Disclosures of Public Companies. Recent cyber-related comments and enforcement actions by the U.S. Securities and Exchange Commission made clear that the SEC has escalated its scrutiny of the cybersecurity disclosures of [...]
Institute for Security and Technology – Ransomware Task Force Report
Combating Ransomware A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, [...]
The State of Cyber-Risk Disclosures of Public Companies
The U.S. Securities and Exchange Commission (the “SEC,” or the “Commission”) has in recent years demanded greater transparency from public companies in how they identify, measure, and manage cyber-risk. In the wake of SolarWinds and the increased supply-chain security scrutiny in Washington [...]