Today I want to revisit the SEC’s proposed new rules requiring public companies to disclose more about their cybersecurity risks. Those plans would obligate companies to discuss how the board and senior management address cybersecurity risk at a strategic, enterprise level. What’s that all about?

All organizations, including yours, have sensitive data. Whether it’s structured or unstructured, you need to protect that data to avoid disruption to your business. However, data sensitivity classification is not binary—it requires a more nuanced approach. Some information is more sensitive because it creates greater risk of harm to the organization or customers if it’s exposed.