A study from EY shows Fortune 100 CISOs more closely engaged with the board of directors and C-suite.
How are corporate boards addressing cybersecurity risks?
Corporate boards are increasingly focusing on cybersecurity risk oversight, with a study showing that over 60% of Fortune 100 companies now seek cybersecurity expertise on their boards, a significant increase from 20% in 2018. Additionally, 57% of these companies have designated individuals, typically a CISO or CIO, to report cybersecurity issues directly to the board.
What are the new SEC disclosure requirements?
The new SEC rules require companies to disclose material cybersecurity incidents within four business days of determining their significance. Furthermore, companies must identify any board committee overseeing cybersecurity risk and disclose the process used to inform these committees.
How often do companies report cybersecurity to their boards?
According to the study, nearly half of Fortune 100 companies report on cybersecurity to their boards at least annually. Additionally, 80% of these companies disclosed how often management provides updates on cybersecurity to the board or relevant committees.
Sign in with LinkedIn