The State of Cyber Risk Disclosures of Public Companies

Nick Price
Last year's hack of SolarWinds demonstrated the fragility of our cyber landscape - raising many questions for boards, management, investors and regulators alike. Namely, how can we mitigate the risk of more state-powered and multinetwork attacks on U.S. corporations?

Improving cyber risk disclosures had been proposed as part of the solution - or at least, an important step toward providing transparency into companies' exposure. The majority of cyber risk disclosures, however, are largely boilerplate, which not only limits the opportunity for defensive collaboration but leaves investors in the dark as to which operational or financial risks are most material.

In this paper by SecurityScorecard, Diligent, National Association of Corporate Directors (NACD), Cyber Threat Alliance and IHS Markit, we explore the state of cyber risk disclosures and make recommendations for boards:

  • What are the trends in cyber disclosure across U.S. companies?
  • How can boards close the current gap between SEC guidance and proxy disclosure?
  • What tools should boards be using to evaluate their own cybersecurity posture?

Download it today to find out more!
Media Contact:
Shannon N. Booker 202-227-2148 Cyber Risk Disclosures