The Augusta Group
SEC: Cybersecurity risk management

Cybersecurity is the most significant non-financial risk faced by the public and private sector. It is a risk that market forces alone have failed to manage and one that governments are starting to regulate in order to manage it.


The SEC announced proposals on the 9th of March 2022 requiring registrants of US Capital Markets to comply formally with cybersecurity risk management, strategy, governance and incident reporting requirements. The implications are far-reaching and will require public firms and their boards to:


• Report their policies and procedures, if any, for the identification and management of risks from cybersecurity threats, including whether the registrant considers cybersecurity risks as part of its business strategy, financial planning, and capital allocation.

• Describe oversight of cybersecurity risk, management’s role in assessing and managing such risk, management’s cybersecurity expertise, and management’s role in implementing the registrant’s cybersecurity policies, procedures, and strategies.

• Declare whether any member of the registrant’s board has expertise in cybersecurity, and if so, the nature of such expertise.

• Report material cybersecurity incidents within four business days.

• Provide updates in periodic reports about previously reported cybersecurity incidents.


In the enclosed paper we discuss the implications of the SEC proposal, which is likely to be mandated in 2022.


Now is the time to prepare for cyber-risk management

The SEC proposal sets a benchmark for cybersecurity risk man

Download PDF

Copyright © 2021 Augusta GRC, LLC - All Rights Reserved.
