Adoption of a Cybersecurity Framework: This research shows how the adoption of a cybersecurity framework helps organizations meet the Securities and Exchange Commission (SEC) cybersecurity disclosure requirements, protect investors and control cyber risks. The implementation of a cybersecurity framework enables organizations to evaluate their risk factors required to be disclosed in SEC filings and determine the materiality of cybersecurity risks or incidents given their likelihood and impact, including harm to a company’s reputation, financial performance and the possibility of litigation or regulatory actions.
About the author: Oscar Quinones-Soto
Oscar Quinones-Soto is a Records and Information Management professional and Certified Records Manager (CRM) working at a Fortune 100 company. He started his career as SAP Security Analyst, providing global support for four strategic business unit landscapes consisting of over 100 SAP systems, for over 100K users supporting $40B company revenue generation. He has also collaborated on the implementation of Governance, Risk and Compliance tools for various companies, has actively supported SOX compliance audits and implemented SAP audit controls that received “Robust Rating” from the external auditing firm. In 2020, Oscar obtained a Master of Laws (LL.M.) in Cybersecurity and Data Privacy from Albany Law School and became a Certified Information Privacy Professional (CIIP/US).