
Proposed Bill Would Make Cybersecurity Disclosure The Board’s Responsibility

By Vigilize | Tuesday, March 28, 2017

The Cybersecurity Disclosure Act of 2017 Would Make The Board Report on Its Own Expertise


An article review.



For those of you wondering if you should be adding a Cybersecurity expert to your board of directors, you may be getting out ahead of the law. We at infotex have been invited to consult with several bank boards, and have found the engagements to be both productive and enlightening. But will future law allow this function to be outsourced?

The number of cybersecurity related incidents at major corporations over the last few years hasn’t escaped the attention of voters, or the politicians that represent them, as evidenced by a bill introduced in the Senate this month.

The Cybersecurity Disclosure Act of 2017 would require SEC filings to indicate the amount of cybersecurity expertise possessed by a firm’s Board of Directors or, lacking that, what they’re doing to make up for that lack of expertise. These disclosure provisions make up the bulk of the bill, which aims to provide transparency for shareholders and give corporate leadership an incentive to get ahead of security issues before they become security breaches.

While the future of this bill is uncertain, it is part of a growing trend in legislation addressing the issue of cybersecurity, including regulations that recently went into effect in New York State requiring organizations to produce annual cybersecurity reports. We can only expect to see similar attempts in the future as voters become more aware of the risks they face when they trust businesses with their private information.


Original article by Kevin Townsend writing for Securityweek.

