In this episode of eXploring cybersecurity we discuss the new SEC regulations around incident reporting for public companies, risk quantification vs risk qualification, and the importance of basic cyber hygiene. Host and ThreatX Field CISO, Jeremy Ventura will be joined by Head of Cyber Risk Engineering at Bowhead Specialty Underwriters, Edwin Covert.

Key Topics:

• New SEC Regulations on Incident Reporting: Delve into the latest SEC regulations that dictate how public companies should report cybersecurity incidents, exploring their implications and potential impact on the business landscape.
• Impact on CISOs and Boards: Explore the changing roles and responsibilities of Chief Information Security Officers (CISOs) and company boards in light of the new SEC plan, highlighting the challenges and opportunities they face in safeguarding corporate data.
• Preparedness of Organizations: Assess whether organizations are adequately prepared to meet the requirements of the new SEC regulations, discussing the measures and strategies they should implement to enhance their cybersecurity posture and incident response capabilities.
• Sustaining Cyber Hygiene and Fundamentals: Emphasize the importance of maintaining strong cybersecurity hygiene and foundational practices within organizations.
• Risk Qualification vs. Risk Quantification: Clarify the distinction between risk qualification and risk quantification in the context of cybersecurity, offering insights into how organizations can effectively assess and communicate cybersecurity risks to make informed decisions.