Join Jack Jones, creator of the FAIR model for risk analysis, for a webinar on Tuesday, April 3, at 2 PM ET on “New SEC Cyber Risk Disclosure Guidance: The FAIR Advantage”.
The Securities and Exchange Commission’s recent interpretive document pushes public companies toward reporting cyber risk in financial terms – exactly the sweet spot of the FAIR model, the only international standard quantitative model for cybersecurity risk.
Whether you’re FAIR-experienced or just exploring quantitative analysis, you’ll get some actionable tips from Jack on negotiating the SEC cybersecurity guidance, much of which is still open to interpretation.
Jack will discuss:
- How to use FAIR to report on the impact of recent incidents and potential future losses from cyber events.
- How to assess the effectiveness of a security program for reporting purposes, without just ticking off boxes on a compliance checklist.
- How to meet SEC cybersecurity guidelines on “board risk oversight” in a meaningful way.
- How to answer the most important question: What are the company’s material risks when the SEC doesn’t offer a standard protocol for determining what’s material and what’s not.
As direction for public companies – or really any companies working out risk governance – the SEC guidance on cybersecurity is an opportunity to rethink existing standards and practices and move to a more effective approach to risk. So bring your questions and comments to discuss with Jack at the webinar:
Tuesday, April 3, at 2 PM ET