22nd e-Crime & Cybersecurity Congress Germany
30th January 2024 • Steigenberger Frankfurter Hof, Frankfurt
NIS2 expands personal liability for some cybersecurity failings. Time for Boards to pay up?
Adapting to a new environment – fast
In Europe, the UK, the US and Asia, regulators are finally taking cybersecurity seriously. In finance , yes, there has been regulation of sorts – aside from GDPR and newer resilience requirements. But more is here and even more is coming.
In Europe NIS2 imposes significant new burdens on organisations and UK-based organisations with EU operations will have no choice but to adhere to them.
In the US, the SEC has just The Securities and Exchange Commission today adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.
The Commission also adopted rules requiring foreign private issuers to make comparable disclosures.
“Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors,” said SEC Chair Gary Gensler.
That statement explicitly links cybersecurity to enterprise value and makes it a matter of legitimate concern to investors. This is another story that links security to governance but also starts to assign real value to good security.
Come to the e-Crime & Cybersecurity Congress Germany to find out:
- How your fellow cybersecurity professionals are coping with these challenges day-to-day?
- How you can use resilience regulations to build truly risk-based approaches to defend the assets and processes that really matter.
- What practical steps you can take to get better supplier visibility and understanding?
- How to economically enhance the security built into Cloud infrastructure and applications with selected additional technologies.
- How new and not-so-new EU Directives are driving the Board view of cybersecurity risk and investment.