New DeRISK Executive Report automatically maps cyber risk metrics to SEC requirements for annual reporting of cyber risk management and governance
BOSTON, Feb. 27, 2024 /PRNewswire/ -- DeNexus, a leader in end-to-end cyber risk quantification and management for operational technology (OT) and industrial control systems (ICS), today launched a turnkey solution for DeNexus users to report annually to the SEC on their cyber risk management and governance processes.
The Executive Report and the cyber risk analyses detail an estimation of Annual Expected Losses and Value at Risk for compliance with SEC reporting. Utilizing ROI-based cybersecurity risk mitigation programs and both external (threats, firmographics) and internal data (network topology, devices, vulnerabilities, cybersecurity controls) with DeNexus' proprietary models, the calculations include potential expected losses and their probabilities. The Annual Loss curve provided by DeRisk aids in understanding the likelihood and financial impact of cyber threats, guiding effective risk management decisions, whether through mitigation, acceptance, or third-party transfer.
"In today's landscape, effective cyber risk management is no longer just a suggestion but a necessity," said Jose Seara, Founder and Chief Executive Officer of DeNexus. "With this new SEC regulation emphasizing the need for detailed risk assessment and management, there is no better time for DeNexus to help our customers navigate the complexities of OT Cyber Risk Quantification and Management through unparalleled insights, enabling effective cyber risk management and strategic decision-making."
In addition to reporting cybersecurity incidents promptly, Article 106 of the new SEC cybersecurity regulation mandate U.S.-listed firms to disclose cybersecurity risk management and governance details in their annual 10-K filings. While the rules primarily target publicly listed companies, the interconnected nature of supply chains means that smaller third-party companies, whether public or private, can have a significant impact on public companies. This emphasizes the importance of cyber risk management for all organizations, not just those directly affected by the current regulations.
The new SEC report from DeRISK addresses the comprehensive oversight of cybersecurity risks by committees, focusing on prevention (control maturity), detection (telemetry, vulnerability identification), and mitigation/remediation (risk management projects simulator). Periodic sharing of these risk insights by management ensures the necessary support from relevant committees.
To learn more about DeNexus SEC executive report, download our SEC brief here.
About DeNexus:
DeNexus is the leading provider of cyber risk modeling for industrial networks, global (re)insurers and insurance linked securities (ILS) investors. Our mission is to build the global standard for industrial cyber risk quantification for agencies, shareholders, investors, boards, and the risk transfer market. Our flagship platform, DeRISK, is the world's first evidence-based, data-driven, self-adaptive, cloud-based technology powered by AI, ML and Probabilistic Inference that helps asset owners gain visibility into their true cyber risk exposure, probability of loss and financial impact of a cyber event that guides risk stakeholders towards the best risk mitigation paths for their organization.
ICR/Lumina Communications for DeNexus
Danielle Scotto, Account Director
[email protected]
917-622-4688
SOURCE DeNexus
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article