Cybersecurity, Privacy, & AI

Attestations for Cyber Controls May Be Coming Regardless

Matt Kelly compares potential SEC requirements that CISOs attest to the effectiveness of their cybersecurity with the financial certifications already required of CEOs and CFOs by the Sarbanes-Oxley Act. Kelly notes that current regulatory proposals circling around the SEC fall well short of the criminal penalties of SOX, which may lead some business leaders not to take them seriously. But he argues that the kinds of assurances already demanded by others, such as the certifications required by the state of New York and the documentation required by cyber insurance firms, bring companies close to already meeting such hypothetical requirements, and that it might be easier to just go ahead and do it.
