In February 2018, the SEC voted unanimously to approve a statement and interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents. Shortly thereafter, the SEC brought charges against Yahoo for failure to report data breaches in 2015-2016 periodic reports, and in recent months, the SEC has continued to signal their increased focus on this critical disclosure issue.
Covering the latest in capital markets transactions, funds, annuities, financial reporting and SEC filings
01 September 2015
Cybersecurity and mergers and acquisitions (M&A) are two topics that command the attention of the finance industry. Put both issues together – the impact of data security issues on M&A transactions – however, and, all too often, finance professionals can develop a blind spot.
A previous blog post explored some of the far-reaching consequences that a breach in data security can have on a company. The annual global cost for cybercrime reached more than $400 billion last year according to a report from IBM. Another side to this complex and massive issue deals with what a company can do to minimize these consequences – from lawsuits, regulatory action, consumer confidence, and more. Because the technological aspects of cybersecurity are so intricate, what follows will only address non-technological ways to be prepared around these issues.
There are a number of proactive actions that can help the board of directors, executive team, and company employees reduce risk in case of a breach. With this in mind, we compiled six key non-technological tactics to help protect your company against future cybersecurity threats.