A new bill proposed in the Senate in March would require boards of directors at public companies to disclose their cyber security risks and competencies to the US Securities and Exchange Commission (SEC). The Cybersecurity Disclosure Act of 2017 (S536) would require board members to detail what a company is doing to protect itself from data breaches.
According to Accenture, 70 percent of global companies consider security a board-level concern. Awareness of the impact of poor cyber security is at an all-time high — as it should be, even among smaller and privately held companies. Whether or not you would have to report your cyber security plans to the SEC, you should be taking steps to improve your security stance. We’re happy to help you create the best approach for your risks and budget.