• Home
  • Incident Response 40 for 2022
  • About
  • Webcasts
  • Contact
Cybersecurity Docket
  • Data Breach
  • Global
  • People
  • Regulatory
  • Risk Mgmt
  • Subscribe by email
  • Subscribe
Browse: Home / 2019 / October / 28 / E&Y: What companies are sharing about cybersecurity risk and oversight

E&Y: What companies are sharing about cybersecurity risk and oversight

By Securities Docket on October 28, 2019, 7:47 am

The U.S. Securities and Exchange Commission (SEC) issued guidance in 2018 promoting clearer and more robust disclosure about cybersecurity risks and incidents and how boards discharge their cybersecurity risk oversight responsibility.

Our 2018 Cybersecurity disclosure benchmarking report explored how companies were responding to this guidance.

We undertook the same research this year to help inform stakeholders of emerging trends and developments.

We analyzed three areas of cybersecurity-related disclosures in the proxy statements and Form 10-K filings of Fortune 100 companies from 2018-2019: board oversight (including

risk oversight approach, board-level committee oversight, and director skills and expertise), statements on cybersecurity risk, and risk management (including cybersecurity risk management efforts, education and training, engagement with outside security experts and use of an external advisor). We found that many companies are enhancing their cybersecurity disclosures, with the most significant changes related to board oversight practices.

E&Y:What companies are sharing about cybersecurity risk and oversight

Posted in Top | Tagged Disclosure

« Previous Next »

Now Available!

johnreedstark cover 230

Join Us On LinkedIn

Join the Cybersecurity and Incident Response Group on LinkedIn

Copyright © 2023 Cybersecurity Docket.

Powered by WordPress and Hybrid.