|
Cyber Insights Today July 23, 2024
Hosted by Richard Freiberg
Privacy and Security
https://www.buzzsprout.com/1913940/episodes/15167133
I am Richard Freiberg. Today we will be addressing what’s material to the SEC, 7 months into cyber disclosure rules in part 1 of a 2 part series.
Seven months since the launch of the Securities and Exchange Commission’s cyber incident reporting rule, companies are grappling with the question of when the impact of a breach or attack is considered material.
The rule which was effective last December requires publicly traded firms to report an incident within four business days of determining materiality.
In the immediate aftermath of several recent high-profile cyber disruptions’ companies have scrambled to immediately determine if the incidents were technical breaches or malicious attacks.
The materiality assessments have thus far proven to be far more complicated. Companies must examine the scope of data loss, the impact on operations and the longer-term implications from regulatory, financial and brand reputation.
As such in disclosing cybersecurity incidents to the SEC, companies face a balancing act.
Companies need to begin thinking about the 8-K as soon as the initial incident takes place and consider both qualitative and quantitative factors when assessing materiality.
Qualitative factors include:
- Type and amount of information taken,
- Reputational damage,
- Impact on supply chain, both upstream and downstream,
- Government inquiries and legal disputes.
Quantitative factors include:
- Impacts on business operations, including the duration of an incident, number of business segments impacted, and loss of intellectual property or data,
- Impacts on financial performance or earnings, including revenue, stock price and divergence from forecasts,
- Incident response and containment expenses, including ransom payments, legal fees, future insurance costs and forensic analysis.
Follow Cyber Insights Today on Apple Podcasts or Spotify.
That’s it for Cyber Insights Today.
DON’T BECOME ANOTHER STATISTIC!
Richard Freiberg
Profitability Consultant
Richard Freiberg CPA PC
Phone (980)339-3352
Cell (914)393-0033
www.rmfreibergcpa.com
LinkedIn
to subscribe to Cyber Insights Today
to subscribe to LinkedIn Newsletter Cyber Security
Providing valuable counsel to help boost your company’s bottom line, while navigating competitive forces, industry, and economic risks in today’s challenging environment
|
4 thoughts on “Cyber Insights Today July 23, 2024”
Understanding the complexities of cybersecurity regulations is crucial for businesses today. It’s essential to balance materiality assessments with the potential impact on reputation and operations, especially in roles like mine where empathy and support are key in crisis management.
Materiality assessments in cybersecurity are complex, reflecting broader challenges faced in risk management across various fields, including seismology.
Understanding the complexities of cyber incident reporting is crucial for effective risk management. Companies must carefully evaluate both qualitative and quantitative factors to navigate these challenges successfully.
Cybersecurity sounds important! Hope everyone stays safe! Exciting stuff!