CISOs discuss practical tactics to abide by the rules – and, incidentally, to better protect themselves and their companies
If you’re a CISO (or aspiring CISO), the new SEC cybersecurity rule is probably top of mind right now.
Of course, you can already find plenty of formal guidance from law firms and Big 4 consulting firms – but we wanted to learn what CISOs are telling other CISOs about it.
Beyond the legal intricacies and operational challenges – the 4-day deadline, materiality, IR processes, etc. – we also asked CISOs about how to navigate the personal liability and internal management nuances of complying with the SEC rule.
For this new SEC report written in collaboration with Evan Schuman, Contributing Writer for Dark Reading and CSO Online, we interviewed security leaders from diverse verticals, including:
Charles Blauner, former Global Head of Information Security for Citi
Mario Duarte, former VP of security for Snowflake
Selim Aissi, EVP & CISO for HealthEquity (former CISO for Ellie Mae)
The report also includes published comments from:
Joe Sullivan, former Uber CISO
Rex Booth, SailPoint CISO
Eric Gerding, SEC director of the corporate finance division
Check out the SEC report to hear these expert perspectives on how the new SEC rule raises the bar for cybersecurity transparency and assessing the material impact of incidents.