CyberSaint and ACSC Research Sheds Light on Enterprise Cyber Risk Reporting Trends in Light of New SEC Rule
CyberSaint, the leader in cyber risk management, in collaboration with the Advanced Cyber Security Center (ACSC), has conducted a comprehensive focus group study aimed at gaining insight into the dynamics of cyber risk reporting in large enterprises.
Drivers for Improved Cyber Risk Reporting
Cyber risk reporting has become an essential component of executing proper cyber risk management. According to a report by Cybersecurity Ventures, cybercrime is expected to cost the world $10.5 trillion annually by 2025, highlighting the significant financial and reputational costs of cyber risk incidents, the frequency and severity of cyberattacks, and the importance of effective cyber risk management to protect against cyber threats.
There is a growing demand from investors and other stakeholders for organizations to report on their cyber risk posture. In the United States, the SEC is now requiring public companies to disclose their cybersecurity risks and incidents in their financial filings. The SEC has also issued guidelines for companies to disclose cybersecurity risks and incidents to investors and has emphasized the need for regular cyber risk reporting to board and executiv leadership, in accordance with the new rules set forth.
Cyber Risk Reporting Challenges
Despite the obvious need, reporting cyber risk posture up to the Board of Directors or executives can present significant challenges:
Highlighted Focus Group Research Questions:
The research conducted by the ACSC and CyberSaint provides valuable insights into the challenges and opportunities of cyber risk reporting in large enterprises, and identifies trends that those reporting cyber risk to the board are seeing.
This new research can help organizations enhance their cyber risk reporting practices and better protect themselves against cyber threats.
CyberSaint delivers the most comprehensive, real-time, and intuitive platform for enterprise cyber risk management. The company's CyberStrong platform empowers organizations to optimize their cyber posture through automated assessment, cyber risk quantification, remediation and executive reporting, all backed by patented AI technology. C-suites and Boards of the Fortune 500 rely on CyberSaint to gain unparalleled visibility into their cyber risk posture, informing key decisions around resource allocation and resulting in immense time and cost savings. CyberSaint's customers are empowered to readily fulfill their cyber governance requirements, bridging the gap between technical cyber risk initiatives and their implications on business performance.
About the Advanced Cyber Security Center (ACSC)
The Advanced Cyber Security Center launched in 2011 is a New England based non-profit, member-driven, cybersecurity focused organization. The Center engages in confidential collaborations (operating under an NDA) among members CIOs, CISOs, Risk Officers and Legal Counsels. The ACSC uniquely brings together leading private sector firms, universities, defense nonprofits, the Commonwealth of Massachusetts, the Federal Reserve Bank of Boston, and is a regional partner with the Department of Homeland Security. Our members represent the financial services, healthcare, technology and utilities industries, along with leading universities and the Commonwealth of Massachusetts.