Similar Posts
Cybersecurity in Financial Disclosures: 11 Topics Your Section 1C of 10-K Filings Should Address
ByKayne
Despite this guidance mandating only four disclosures (identifying and managing risks, disclosing material breaches, board oversight, and management’s role), over 40% of the 2,100+ 10-K filings I’ve reviewed between January 1 and March 11, 2024 disclosed eleven distinct topics.
Companies are disclosing more information than required in their 10-K filings for various reasons. One is that they lack a broad consensus how much detail to disclose in Section 1C. The recent civil litigation of SEC vs. Tim Brown and SolarWinds (case 1:23-cv-09518 in the Southern District of New York) significantly influences the disclosure requirements.
It’s Time to Regard Cybersecurity as Human Safety
ByKayne
Cultural change takes time and is a journey, not a destination. Senior leaders, managers, and individual contributors all have a role and responsibility in ensuring that manufacturing companies stay safe from cybersecurity risks. Elevating cyber risks to the same level as safety risks will help companies to comprehensively understand and manage their risks now and in the coming years.
Why security-IT alignment still fails
ByKayne
An organization that doesn’t understand or appreciate security won’t be able to adequately identify and prioritize risk, nor articulate its tolerance for those risks based on business goals and objectives, says Kayne McGladrey, director of security and IT for Pensar Development and a member of the professional association IEEE (The Institute of Electrical and Electronics Engineers).
“The CIO won’t see the business impact if there’s not a culture of risk mitigation,” McGladrey says. “A culture where security is seen as someone else’s problem will derail any conversation around security, so the biggest thing for CISOs is to make the conversation with CIOs around risk – not around technologies or shiny objects but around risks to the business.”
The future looks bright if Generation AI can address cybersecurity
ByKayne
There’s quite a lot of optimism in Generation AI, the IEEE study of millennial parent’s attitudes about artificial intelligence. The findings of the study are evolutionary, not revolutionary, as views towards artificial intelligence have become more refined over the years. However, the optimism shown in this study pre-supposes that we can move past our current cybersecurity issues.
Watch: Supply Chain Congestion: A Golden Opportunity for Hackers
ByKayne
Global supply chains have been under intense strain in recent months, a situation that has been made even worse by the growth of cyber attacks, especially in the form of ransomware. The transportation sector, which has been largely deregulated, needs to adopt recommendations by industry and government organizations for implementing measures that they might have overlooked in years. The price of failing to do so can be high, with ransomware attacks threatening to shut down critical logistics operations for days or even longer.
Top Cybersecurity News for September, 2023: Kayne’s 5 Under 5
ByKayne
Join Hyperproof’s Field CISO, Kayne McGladrey, as he talks about the top five cybersecurity news stories to know for September, 2023 in under five minutes.
New SEC rules
D&O insurance and SEC rules
CISO succession planning
Board’s AI responsibility
SEC vs. Covington & Burling