CISOs discuss practical tactics to abide by the rules – and, incidentally, to better protect themselves and their companies
If you’re a CISO (or aspiring CISO), the new SEC cybersecurity rule is probably top of mind right now.
Â
Of course, you can already find plenty of formal guidance from law firms and Big 4 consulting firms – but we wanted to learn what CISOs are telling other CISOs about it.
Â
Beyond the legal intricacies and operational challenges – the 4-day deadline, materiality, IR processes, etc. – we also asked CISOs about how to navigate the personal liability and internal management nuances of complying with the SEC rule.
Â
For this new SEC report written in collaboration with Evan Schuman, Contributing Writer for Dark Reading and CSO Online, we interviewed security leaders from diverse verticals, including:
Charles Blauner, former Global Head of Information Security for Citi
Mario Duarte, former VP of security for Snowflake
Selim Aissi, EVP & CISO for HealthEquity (former CISO for Ellie Mae)
The report also includes published comments from:
Joe Sullivan, former Uber CISO
Rex Booth, SailPoint CISO
Eric Gerding, SEC director of the corporate finance division
Â
Check out the SEC report to hear these expert perspectives on how the new SEC rule raises the bar for cybersecurity transparency and assessing the material impact of incidents.