A new study shows public companies are making strides in bolstering their cybersecurity programs ahead of new federal rules effective in December. But the recent Deloitte survey of more than 1,300 executives also suggests many companies have a long way to go in updating policies and practices, particularly those involving communication with third-party service providers.
Once a company determines that a cyber breach is material, it will have just four business days to report the incident in an 8-K filed with the Securities and Exchange Commission (SEC). Many survey respondents are concerned about their ability to comply with this expedited reporting timeline when a third party is involved.
Only 11 percent of executives surveyed by Deloitte said they have controls and protocols in place with third parties. Another 23 percent said they are working on getting those controls and protocols in place. A larger percentage, 27.4 percent, said they have not yet completed evaluations of communication with third-party suppliers but are in the process.
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
- Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
*May exclude premium content© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
