You’re just one step away from connecting with fellow CXOs
Americas
Post-SEC Cyber Regulations Success Formula for Board Directors and Executives
Join the Zscaler team and fellow security and IT executives for a roundtable discussion on the best approaches for cybersecurity risk management and the new breach-reporting rule by the Securities and Exchange Commission (SEC). Learn about the latest cyber risk and assessment best practices, strategies for CXO communications with boards, and how the SEC's newest breach-reporting rules may affect your role. Bring your questions, concerns, and curiosity and join peers for a critical discourse that can help you and your organization make better decisions.
Responding to and reporting on an incident
Has your process for determining the materiality of an incident been clearly defined?
If the CISO is still engaged in the response and remediation of an incident, has someone been designated responsible for informing business leaders on a regular basis?
What is the process for convening and informing the board in light of a cybersecurity incident?
What is the board’s role in determining materiality?
Do you conduct routine tabletop exercises to determine how the organization would respond to a material incident? Is the board involved in these exercises?
Ensuring you make the four-day window
What is your company’s procedure for filing an 8-K after an incident has been deemed material?
Is the process in writing and are roles clearly assigned?
What other processes kick into place after an incident has been disclosed to the SEC? Is there a public relations or customer communication component of the plan?
Who is authorized to speak publicly about the incident at the company?
Is there a process in place for communicating with employees about the filing? Will they be given guidance on how to respond should they be contacted, via the Help Desk for instance?
