
Agnidipta Sarkar, VP CISO Advisory at ColorTokens Comment

May 2024 by Agnidipta Sarkar, VP CISO Advisory at ColorTokens

"My community tells me it is both a boon and a bane. The SEC requirement has brought in higher scrutiny and attention of the board for cyber defense readiness, especially because they need to list the nature, scope, timing, and actual or expected material impact. The biggest challenge is determining what security breach may lead to what material breach within the time (4 days).

I see three kinds of companies: Some CISOs are very well prepared and have used this as an opportunity to establish clear protocols for materiality assessment and coordinated disclosure strategies. Most of these organizations have strong internal controls and procedures and they periodically conduct exercises to ensure their business leaders can handle cyber crises more efficiently. Many have already invested in or are deploying technologies like micro-segmentation to divide the computing landscape into smaller manageable zones to make breach reporting easier. However, the secret sauce of these companies seems to be the ability to work more closely with functional business leaders and finance, legal, and communication teams. Some other companies are investing in more efficient asset management and patch management capabilities to ensure reduced attack surfaces and blast radii.

