A study from EY shows Fortune 100 CISOs more closely engaged with the board of directors and C-suite.
How are corporate boards changing their approach to cybersecurity?
Recent findings indicate that corporate boards, particularly in Fortune 100 companies, are increasingly prioritizing cybersecurity oversight. A study by EY revealed that over 60% of these companies now recognize cybersecurity as an area of expertise needed on the board, a significant increase from just 20% in 2018. Additionally, 80% of companies reported how often management updates the board on cybersecurity matters.
What is the role of CISOs in board engagement?
The study shows that CISOs are becoming more involved with corporate boards, with 57% of Fortune 100 companies designating a specific individual, often a CISO or CIO, to report cybersecurity issues directly to the board. This marks a notable increase from 23% in 2018, reflecting a shift towards more structured communication regarding cybersecurity risks.
What are the new SEC rules regarding cybersecurity disclosures?
The new SEC rules mandate that companies disclose material cybersecurity incidents within four business days of determining their significance. Furthermore, companies are required to identify any board committee overseeing cybersecurity risk and to disclose the processes used to inform these committees, enhancing the accountability and transparency of cybersecurity governance.
Sign in with LinkedIn