124 results for "Digital resilience"
The increasing complexity of data protection laws, rising compliance costs, and evolving cyber threats make data security a vital business concern.
#Regulators recently issued #cybersecurity #disclosure guidelines to enhance #transparency and #accountability among firms. A study analyzed cybersecurity disclosure practices among a sample of Toronto Stock Exchange firms over seven years. Findings indicate a notable increase in disclosure after the 2017 guidance by the #Canadian Securities Administrators. However, improvements are needed, especially in #governance and #riskmitigation disclosure. This study sheds light on policy's impact on cybersecurity transparency.
#Cybersecurity goes beyond networks and people, encompassing #physicalsecurity, which is crucial for organizations. Inadequate physical security, seen in incidents like the Oklahoma City bombing, the 9/11 attacks, and the U.S. Capitol breach, highlights policy and control failures. Effective physical security involves planning, #riskassessment, #controls, and frameworks like #cpted, #nist, and #fema, addressing present and future #threats.
The current global #dataprivacy situation resembles the accountability crisis during the early 2000s US accounting scandals. Lack of oversight, #transparency, and #regulation has led to confusion and distrust. By emulating successful models like the Sarbanes-Oxley Act, companies can regain consumer trust by treating privacy policies like #financialstatements, standardized and audited. The proposal includes #privacy #controls similar to financial internal controls and a Privacy Cube framework for #riskmanagement, ultimately aiming to rebuild #consumertrust in #data handling.
The study analyzes how #cybersecurityrisk impacts #clawback policy adoption in #US-listed firms from 2008 to 2018. It finds that rising cybersecurity risk increases clawback adoption, influenced by business goals, management preferences, and market efficiency. Stronger tech commitment and non-co-opted boards reduce this effect, showing firms consider clawbacks as preventive against #misconduct, incorporating cybersecurity risk.
On July 26, 2023, the #SEC adopted final rules requiring disclosure of material #cybersecurity incidents on Form 8-K and periodic disclosure of a registrant’s cybersecurity #riskmanagement, strategy, and #governance in #annualreports.
"This paper presents a continuous-time dynamic model of market adoption of #cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security #risk of direct attack and indirect contagion. The equilibrium adoption path has a 'tipping point': individual users will invest to get protected all at once when a critical mass of the infected has been reached."
This paper examines the impact of #databreach #disclosure laws (DBDL) on companies' voluntary #financial disclosure behaviors. The authors use a difference-in-differences analysis to show that firms have a higher propensity of disclosing non-#gaap earnings after the adoption of DBDL, suggesting that such mandatory disclosure #regulation on #cybersecurity stimulates firms' voluntary disclosure of non-GAAP earnings.
This paper analyzes the constraints on the #insuranceindustry in providing larger capacity for #cyberrisk #insurance. The authors argue that cyber risk is unique in that it is both information-intensive to underwrite and heavy-tailed, leading to a tension between the need to raise large amounts of external capital to finance heavy-tailed risks and the high compensation demanded by capital providers due to information frictions.
This paper analyzes the characteristics of #cyber #loss #events and how they evolve over time. The authors use three large databases to address the problem of #report #delay and analyze the #frequency and #severity of different categories of #cyberevents. They find that the frequency of malicious cyber events has grown exponentially in the past two decades, but there is no significant change in loss severity.