Nos derniers articles

This research paper by Dr. Ana Zavgorodnia argues that cybersecurity spending should be managed through the same capital allocation discipline used in other major business domains. Although tools for quantifying risk exist, many boards currently approve security budgets based on compliance or technical narratives rather than financial materiality. To bridge this gap, the author introduces a framework featuring Exposure-Adjusted Estimation to identify risk concentrations and a Risk Efficiency Ratio to prioritize investments based on their marginal return. The model also categorizes spending into four functional domains to help leadership maintain a balanced security portfolio. By aligning with 2023 SEC disclosure rules, this approach transforms the CISO’s role into one focused on economics and risk-adjusted decision-making. Overall, the text provides a structured mechanism for boards to exercise substantive oversight by treating cyber defense as a strategic financial priority.

The European Union’s AI Act significantly reshapes corporate governance, imposing new responsibilities on directors, compliance officers, in-house counsels, and corporate lawyers. It demands transparency, risk management, and regulatory oversight for AI systems, particularly high-risk ones. These professionals must integrate AI oversight into governance, manage liability, conduct impact assessments, and ensure cross-border compliance. With its extraterritorial reach, the Act influences non-EU entities and sets global standards for AI governance. This paper aims to offer strategic guidance on aligning corporate policies with these emerging legal requirements, emphasizing proactive risk management and ethical AI adoption.

“The analysis reveals that boards are ineffective in cybersecurity risk oversight due to a lack of IT knowledge, and cybersecurity expertise is largely absent at the board level.”

Amid a surge in corporate social responsibility (CSR) communication, this study delves into the prevalence of symbolic CSR actions versus substantive efforts. Focusing on US-listed firms, it links CSR decoupling with heightened financial fraud risks. Factors like governance, audit quality, and ownership concentration amplify this vulnerability, emphasizing caution for stakeholders and regulators when assessing CSR claims.