Cyber Risk: The SEC Rules

July 2023 | Compliance Week Risk Webinar | PCI DSS 4.0 Risk & Audit

WHAT’S NEW


The SEC new rules require public companies describe their cybersecurity programs in their quarterly and annual public reports. Organizations also need to state whether those cybersecurity programs are integrated into their enterprise risk management programs.

To comply with these new requirements will take resources, budget and alignment as well as a streamlined method to manage and prioritize all risks.

We invite you to our complimentary Compliance Week webinarFive Deliverables Every Security Team Needs to Survive,Thriveand Comply with the New SEC Cybersecurity Rule.

Speaker: Jim Mirochnik, CEO – HALOCK

  1. Define a “clear line of acceptable risk” below which you accept risks and above which you remediate.
  2. Ensure your security program is legally defensible and compliant with the new SEC Cybersecurity Rule, published July 26, 2023.
  3. Understand the “total risk” (i.e., your risk FICO score) to your organization.
  4. Communicate risks and justify expenditure requests in business terms.
  5. Provide c-suite a roadmap for your program that reduces risk to an acceptable level.



DATA BREACH BULLETINS

HALOCK Breach Bulletins



ARTICLES & REFERENCES

Third Party Risk Management is an Accelerating Trend

PCI DSS v4.0 Webinar Series (5-part)

CIS RAM v2.1A Way to Demonstrate Reasonable Security



CYBER BEST PRACTICE

CYBERSECURITY AWARENESS POSTERS ARE FUN REMINDERS TO YOUR TEAM

Uncle Sam I Want You to Avoid Using the Same Password for Multiple Accounts