Session Abstract: The SEC has proposed new regulations that govern the timing and content around disclosing cybersecurity incidents for all publicly traded companies. These regulations raise questions about how affected companies should prepare for and react to incidents that, in all likelihood, are not a matter of if, but when. The purpose of this presentation is to open a candid discussion about risk assessment not only at the primary organization, but also with third party relationships and cultivate ideas about best practices in this emerging regulatory environment.
Summary: In March 2022, the SEC proposed new rules governing the reporting of cybersecurity incidents. This session will explore how businesses will be affected by this and similar legislation and provide tips to compliance and technical teams alike.