Securities and Exchange Commission (SEC)

How Executives Make Informed Cyber Decisions

September 19, 2024, at 1:00 P.M. CST

Non-technical executives can truly own cybersecurity when their companies measure, monitor, and manage cybersecurity risk like other parts of their business.

The SEC is only the latest regulator to expect non-technical executives to take ownership of cybersecurity risk management. Regulators argue that when companies pose risks to others those risks needs to be managed, whether they come from business practices, (more…)

CAMP IT: Techniques to Evolve Risk Governance and Comply with SEC Cybersecurity Rule

CAMP IT: Enterprise Risk / Security Management

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real (more…)

Cyber Firm Reports SEC’s Final Rule Language Causing 10-K Filer Missteps

 

CHICAGO, Sept. 17, 2024 /PRNewswire/ — HALOCK Security Labs and sister company, Reasonable Risk, recently published a survey report revealing that language in the SEC’s new cybersecurity requirements appears to be confusing executives at public companies. As a result, many 10-K filings now make implausible claims that companies do not foresee a risk that cybersecurity incidents may cause material impacts. Early 10-K filers also (more…)

Annual 10-K Survey 2024

 

WHAT IS THE ANNUAL 10-K SURVEY?   

A publication by HALOCK Security Labs and Reasonable Risk that tracks how well public companies describe their cybersecurity programs in Item 1C of their 10-K disclosures.

 

WHAT IS ITEM 1C?

Item 1C is a new requirement (as of December 2023) from The SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rule for public fil­ers to describe to their investors how (more…)

RSA Conference: Techniques to Evolve Risk Governance and Comply with SEC Cybersecurity Rule

RSA Conference 2024

This year’s RSA theme was The Art of Possible. It emphasized what we can do together – “To succeed at cybersecurity, we must go beyond ones and zeroes. Staying ahead of today’s threats and foreseeing tomorrow’s challenges requires trusting our intuition and collaborative experiences. Our collective strength lies in the bonds we build and the wisdom we share shaping a resilient (more…)

Go to Top