Orgs Must Prepare For Sec Cybersecurity Requirements Aimed At Boards
Security Boulevard, January 23rd, 2023
Enterprises might want to spend the next few months checking and bolstering their boards' cybersecurity chops - because by the end of 2023, the Security and Exchange Commission (SEC) is expected to finalize its proposal requiring them to attest to their boards' cybersecurity acumen - as well as disclose their cybersecurity oversight efforts and information on attacks.
All this is an effort to shift some cybersecurity accountability to boards, a move that is not wholly unexpected. Organizations have been urged to add cybersecurity expertise to those governing bodies to bolster their cybersecurity postures, get strategies approved and funded more easily and apply much-needed accountability.
'Our 2022 U.S. Cybersecurity Census indicates that the average cybersecurity leader is faced with 42 attacks each year-three of them successful-and the majority of those surveyed anticipate that number will only increase in the coming year. However, the research also shows widespread demand for cybersecurity talent as the international IT workforce shortage endures,' said Darren Guccione, CEO and co-founder at Keeper Security. 'The board of directors and fellow business leaders must support their CISO's priorities and needs, particularly when they're faced with a cyberattack or data breach.'