What Do CISOs Have to Do to Meet New SEC Regulations?
DARKReading, Monday, December 18, 2023
As stringent new SEC reporting rules take effect, CISOs need to assess internal processes and understand their responsibilities. But there's a bright side.
Question: How can CISOs keep up with changing cybersecurity regulations?
Ilona Cohen, Chief Legal and Policy Officer, HackerOne: It is never an easy time to be a chief information security officer (CISO), but the past few months have felt particularly challenging. To the usual stressors of the job - such as the ongoing increase in ransomware attacks and the pervasiveness of insider threats - we can now add heightened regulatory enforcement scrutiny.
The recent charges from the US Securities and Exchange Commission (SEC) against SolarWinds' CISO are the first time a CISO has been singled out in this way by the agency. This suggests a larger trend of increased accountability for individuals in charge of managing organizational security programs.