Insights Into Cybersecurity Risk Management

Cybersecurity is the most significant non-financial risk faced by the public and private sectors. It is a complex risk that market forces alone have failed to manage, and one that governments are starting to regulate. It is a dynamic and unstable risk that is, in general, poorly understood and poorly managed, as demonstrated by the frequency, complexity and severity of cyber attacks. The insurance industry is struggling to economically underwrite and remediate cyber risk.

As a result, the European Commission, the US Government and governments across the GCC region and Asia are introducing cybersecurity risk management regulation. When that regulation turns to enforcement, it will over time set precedent, reaffirm compliance standards and be tested in court. Enforcement actions place corporate boards on notice that their decisions could be assessed in light of their fiduciary duties in assessing, mitigating and responding to cyber risks and incidents.

We have written several papers addressing cybersecurity, cybersecurity regulatory compliance, board governance, risk management and cybersecurity risk strategy. Some of our work has been reviewed and presented to The White House Office of the National Cyber Director (ONCD), the Cyberspace Solarium Commission, the US Department of Defence, UK Parliamentary Working Groups, academic institutions and international professional associations.

Cyber Risk Management Moves Left of Bang 1.0

Left of Bang: Nation States are Regulating Cybersecurity Risk Management.
