The Securities & Exchange Commission’s new Regulation S-K Item 106 in the Form 10-K requires a description of the policies and procedures, if any, for the identification and management of cybersecurity threats, including, but not limited to: operational risk (i.e., disruption of business operations), intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy laws and other litigation and legal risk, reputational risk.
These new cybersecurity rules will also require public companies to disclose the details of any cybersecurity incident they determine to be material on the new Item 1.05 of Form 8-K within four days of determining materiality. Foreign private issuers are now also required to make comparable disclosures.
The SEC Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure take effect in December 2023 and are making cybersecurity a board focus area like never before. Now is the time to assess your operational risk levels.
"Operational risk refers to any situation which could cause a loss of view or loss of control to your connected processes and functions, where view and/or control cannot be recovered automatically or remotely from manipulation."
Managing operational risk requires embedding cyber resilience programs into your overall risk management strategy.
Security leaders often feel comfortable managing IT risk, however, a detailed understanding of operational technology (OT) devices and systems is required to provide the contextual information needed to mitigate, accept, or avoid operational risk.
Risk assessments are available to analyze this information at scale and to assess the implementation, or lack thereof, of key security controls across operations.
Cybersecurity is an operational risk affecting the entire organization, not just IT. Our platform helps executives prioritize and mitigate operational risks inside their most critical assets across sites, regions and teams.
Our platform provides continuous visibility into every operational technology asset, its function and its risk levels.
Learn MoreNozomi Networks vulnerability analysis learns about your unique environment and provides a prioritized list of remediation steps, patches and upgrades.
Learn MoreNozomi Networks’ AI-powered monitoring quickly pinpoints the security threats and anomalies that matter most to help reduce impact severity and analyze root causes of incidents.
View Platform