Cyber Exposure Management Meets the New SEC Reporting Requirements
The recent SEC breach disclosure rules place enormous pressure on CISOs. The new SEC disclosure requirements for public companies require companies to report annually on their cybersecurity risk management and governance efforts and publicly announce cybersecurity incidents that prove "material." Determining materiality may be one of organizations' most prominent challenges with the new rules. What exactly is a material cybersecurity incident?