Steve Levinson, VIce President, Risk, Privacy, and Security | Online Business Systems
About this talk
Cybersecurity has not only become a regular boardroom topic, but may soon be a requirement. If proposed SEC legislation takes hold, all publicly traded companies must have a process in place to disclose cybersecurity incidents and more importantly, must actively identify and manage cybersecurity risks with board of directors’ oversight. This legislation will likely have a trickle-down effect on many private companies as well.
While some organizations have already undergone this journey, we expect that numerous companies are late to the party and haven’t begun to determine what this change means for them. This session will help you develop a game plan to right-size security for your organization by addressing the following key issues:
• Who should fill this role?
• Where to start?
• The art of incident response and reporting.
• What are some of the functionalities the SEC will be looking to include:
o Controls to prevent unauthorized access
o Measures to detect, mitigate, and remediate cybersecurity threats
o Third-party risk management
• Coordination with legal counsel and financial advisors.