Patrick Benoit, a seasoned security leader and CyberEdBoard member, advises security leaders to lead by example and not worry about showing any of their own vulnerabilities, not least when they make a mistake. "It's OK to fail or misstep … That's what makes you a stronger leader," he said.
Check Point and Mimecast will each pay regulators nearly $1 million to settle charges of making materially misleading disclosures related to the SolarWinds Orion hack. The SEC alleged public disclosures from Check Point and Mimecast didn't capture the severity of the compromise.
The increasingly regulated landscape of cybersecurity is changing across Europe, America and Asia. Rohan Massey, partner at Ropes & Gray, speaks about the complexities organizations face and the importance of strategic prioritization to comply with regulatory challenges effectively.
Walker Newell and David Anderson of Woodruff Sawyer discuss how the SolarWinds case reshaped SEC regulations. CISOs must build closer ties with legal and compliance teams to manage risk and leverage new rules and ensure effective governance and incident response.
The U.S. Securities and Exchange Commission's requirement for publicly traded companies to report cyber incidents that have a material impact within four days is "not about playing gotcha with public companies," said the commission’s director of the corporation finance division.
The BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises security leaders to "take heed and remember that the actions of today can determine your fate tomorrow."
The U.S. Securities and Exchange Commission (SEC) recently voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for companies to report material cybersecurity incidents and disclose critical information about their cybersecurity programs.
What do these regulations...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.