The US Securities and Exchange Commission (SEC) is expected to finalize rules in April 2023 that will require publicly traded companies to disclose details about “material” cyber incidents to the SEC and investors within four business days. The rules will also require corporate boards to disclose information about their cybersecurity governance, including who is responsible for cybersecurity on the board, relevant expertise and how often and through what processes board members are informed and discuss cyber risks.
This is an effort to ensure that corporate boards take cybersecurity seriously and have adequate measures in place to protect their networks and data.
What and who is SEC?
The US Securities and Exchange Commission (SEC) is a government agency that is responsible for enforcing federal securities laws and regulating the securities industry. One of the key areas of focus for the SEC is cybersecurity, as the agency recognizes the growing threat that cyber-attacks pose to the financial industry and beyond.
SEC and cybersecurity
In recent years, the SEC has taken several steps to address cybersecurity risks. For example, in 2011, the agency issued guidance on how public companies should disclose cybersecurity risks and incidents in their financial filings. The guidance emphasized the need for companies to have robust risk management systems in place and to be transparent about any incidents that do occur.
In addition to issuing guidance, the SEC also conducts regular examinations of registered entities to assess their cybersecurity preparedness. These examinations focus on a wide range of areas, including incident response plans, network security, and data protection. The SEC also works closely with other government agencies and private sector partners to share information and coordinate efforts to combat cyber threats.
However, despite the SEC’s efforts, cyber-attacks continue to pose a significant risk to the financial industry and other areas of critical infrastructure. In 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) identified cybersecurity as one of the top areas of risk for the securities industry. Now simply known as the Office of Examinations, it has also issued a number of risk alerts, highlighting specific threats such as phishing and ransomware, and providing guidance on how to mitigate these risks.
SEC plays a critical role in protecting the financial industry from cybersecurity risks. The agency’s guidance and examination programs help to ensure that public companies are taking appropriate steps to protect their networks and data. But the ever evolving and sophisticated cyber threats require all entities, not just public companies but also investors, to stay vigilant and take proactive measures to protect themselves.
Leveraging Logpoint to meet the needs of SEC
Cybersecurity is the foundation of securing the growth of any business, it improves the efficiency of business operations and reduces risk. As such, it is vital that the C-suite engages with security teams ensuring cybersecurity is acknowledged, optimized, and functions for the greater needs of the business.
Converging technology accelerates threat detection, investigation, and response. It allows organizations to achieve efficiencies of scale and consolidates the technologies used in their cybersecurity operations, making their security operations simple, efficient, and more effective than they ever thought possible.
In addition, SaaS platforms enable you to keep up to date with the latest threats with ready-to-use security content and playbooks. Knowing all of this, you can rest assured that the business is automatically protected against the most recent threats. Importantly the scalability and flexibility of the SaaS solution enables businesses to use advanced analytics while maintaining control of financial requirements.
Reporting
Logpoint provides offers an extensive range of “out-of-the-box” compliance reports, based on the most common compliance standards. Additional compliance reports can be built using the simple reporting GUI or by Logpoint.
To see how Logpoint can help you with a predictive pricing structure see our Sizing Calculator, an interactive tool that can provide you with an estimate in seconds.
Have an SAP system? Here are some advantages of Logpoint’s SAP Security Monitoring Solution – BCS for SAP:
- Remote Connection Technology to SAP Systems with zero-installation on SAP System Landscape
- Easy Configuration and Deployment
- Cloud Based SIEM on request
- Out-of-the Box Use-Cases and Dashboards for SAP Security Monitoring
- Solutions spanning SAP On-Premise (ERP, S/4HANA, CRM, BW, SRM) and Cloud Systems (SAP SuccessFactors, SAP BTP)
- SIEM and SAP Security knowledge
- Advanced Technologies e.g. UEBA for SAP, SOAR for SAP
If your company must meet compliance requirements and you need a cybersecurity solution that’s simple to install and update – Contact us. Take Tour.
