The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies who own and operate industrial control systems and connected IoT infrastructure are prepared to fully define operational risk, and therefore are equipped to fully disclose material business risk from cyber incidents. This concern also provides a fresh opportunity for preparedness. The rules require registrants to disclose material cybersecurity incidents (via … More
The post What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT appeared first on Help Net Security.