In addition to the evolving cyber threat landscape, boards are also facing a more complex regulatory environment. The U.S. Securities and Exchange Commission (SEC) has adopted new cybersecurity rules that will take effect on December 15, 2023. These rules primarily target publicly...
In a landmark move, the U.S. Securities and Exchange Commission (SEC) has charged SolarWindsSWI-0.2% Corporation and its former Chief Information Security Officer (CISO), Timothy Brown, with fraud and internal control failures related to the company's cybersecurity practices leading up to the 2020 cyberattack.
The Securities and Exchange Commission (SEC) first proposed new cybersecurity disclosure rules on March 8, 2022. The comment period for the proposed rules closed on May 9, 2022. The SEC then reopened the comment period on the proposed rules on February 9,...
On July 11, 2023, Microsoft disclosed that a group of Chinese hackers had broken into some of its customers' email systems to gather intelligence. The hackers, who Microsoft identified as Storm-0558, were able to gain access to the accounts of government agencies and...
As boards begin the journey to cyber compliance to meet upcoming SEC regulations, one of the first things they need to do is bring all directors to a common understanding of the technology landscape. Everyone on the board needs to be familiar...
Welcome to new board oversight duties…It is one of the great things about board work…it is ever changing and evolving. Every year there is a shift in corporate governance standards in an effort to evolve along with the rapidly changing business landscape...
At a recent audit committee meeting we were briefed by our Big Four accounting firm on cyber-risk. They referenced a two-page notification from the Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly, sent to Directors on February 25, 2022 urging...
In July, the four Big Tech CEOs appeared before the House Antitrust subcommittee and shed light to congress for the first time pushing back and lobbying against monopoly power and anti-competition. This was the last step of an investigation that began in...
Often, when new regulations are introduced in an industry, they can bear unintended consequences for the future. Since this past summer, legislatures have been contemplating a law relating to cyber defense called the Active Cyber Defense Certainty Act, or ACDC. The bill is...
Cyber-security is a hot topic at every company this year and it needs to be a board level discussion – the risk associated with cyber attack and data breaches is now clear from all the headlines. FedEx and Maersk forecast $300M in...
By Betsy Atkins & Rahul Kashyap A recent study from the National Association of Corporate Directors highlights that one in five directors is dissatisfied with the quality of cyber-risk information that the board gets from management. Board members who felt their company was properly secured...
By Anna Akins, Technology Reporter Smart speaker adoption has exploded in recent quarters, but so have concerns about their privacy risks. Research firm IDC said a total of 99.3 million smart speaker units shipped globally in 2018, representing a 141% jump over...
The two recent incidents at Apple remind is us that Corporate Espionage is a serious threat that your board should be aware of. For the second time in 6 months, Apple, working with the FBI, is accusing a Chinese national engineer of...