Cybersecurity has increasingly become a critical issue for all types of businesses, few more so than broker-dealers, investment advisers and others in the financial sector.
The threat of a cybersecurity breach is unfortunately one of the ongoing business risks companies face n the current operating environment. For that reason, corporate disclosures of cyber-breach related risks have been a priority of the SEC’s Division of Corporate Finance as well as the agency’s new Chair, Mary Jo White.
Cyber security is top of mind for companies, and cyber-security oversight is top of mind for corporate directors. I recently co-moderated a panel discussion for directors on board oversight of cyber security and cyber-security disclosures. I thought I’d share my thoughts on some of the key issues.
As practitioners are aware, in February 2013, President Obama issued an executive order directing federal agencies to create a set of voluntary cybersecurity standards and procedures for critical parts of the private sector.
On August 28, 2013, the Obama Administration issued several documents relating to the Cybersecurity Framework that the President called for in Executive Order 13636: Improving Critical Infrastructure Cybersecurity.