Mandatory cyber incident reporting is being extended to many more organizations. Those already subject to these regulations face new, more stringent, requirements.
Engaging proactively with government agencies and your own incident response and legal partners will make mandatory incident reporting as frictionless as possible and allow you to derive maximum benefit from the process.
Defining a ‘material’ incident for your organization and selecting appropriate incident response and legal firms are among the preparatory measures required.
Author: Cyber Threat Alliance
Systemic Cybersecurity Risk and role of the Global Community: Managing the Unmanageable
Cyberattacks are frequently becoming ‘cyber events’ with systemic impact. How can governments and businesses respond?
An Update on the State of the SEC’s Approach to Cyber Risk
This update follows the March 2021 State of Cyber-Risk Disclosures of Public Companies. Recent cyber-related comments and enforcement actions by the U.S. Securities and Exchange Commission made clear that the SEC has escalated its scrutiny of the cybersecurity disclosures of [...]
Adjusting to a New Era in Ransomware Risk
Changes in ransomware business models, new government interventions in the market, and more expensive cyber insurance premiums, should drive an urgent review of cyber risk exposure and cyber security posture relative to ransomware. There had already been a steep increase in ransomware risk leading up to February 24th, 2022. Russia’s fateful invasion of Ukraine has […]