SEVN-X

It takes a while for regulators to enforce penalties... but they all do eventually. This week the SEC levied fines (https://lnkd.in/e6sXyqjX) totaling ~$7M across four organizations (Unisys, Avaya, Check Point, and Mimecast) for "making materially misleading disclosures regarding cybersecurity risks and intrusions." Unisys being the "lucky winner" with a $4M fine alone. Right, ok, so it's just another fine from a regulator, right... RIGHT? Yes and no. For anyone tracking some of the regulatory changes the past few years (hey Steve Foret, didn't you write a post about a year ago on this? https://lnkd.in/effSZRKC), the SEC has taken an increasing interest in what and how publicly traded organizations communicate their Cybersecurity posture, as incidents/events/breaches can have a material impact on their financials, and the public should have accurate information to have confidence in their investments in these organizations. So yes, in some ways this is a regulator... regulating. It's also an early indicator of what's to come - more thorough and public accountability around cybersecurity incidents. The SEC has demonstrated a willingness to consider the balance between national security, organizational security, and information the public needs. We're at an inflection point where these small fines (relative to the size of the penalized entity) will slowly encourage transparency, a good things for consumers. Human readable article for those intimidated by the SEC website :) https://lnkd.in/erxane9n SEVN-X #seccybersecurity

CISOs rarely are given carte blanche when it comes to addressing gaps identified during a cybersecurity framework assessment. A thoughtful approach to remediation is required to leverage resources to the maximum benefit. The eleventh in our Cybersecurity Framework series “Cybersecurity Framework Assessments: Prioritizing your Remediation” is now available (Find the link in the comments). SEVN-X takes a deep dive into helping you prioritize your remediation activities. Steve Foret and I give helpful guidance on strategic remediation of your framework gaps. In future posts we will take a deeper dive into other common security frameworks. #cybersecurity #securityframeworks #informationsecurity

You already know that AI is changing pretty much everything... Be part of the conversation on how it's changing everything at part two of Philly Tech Council's AI for Everyone: Exploring Innovation & Responsible Use! On the agenda: 💡 Panel Discussion on Innovation and Responsible Use of AI ⚡ Lightning Talks by Philly Leaders 🔏 Policy & Organizational Roadmap Creation 🚀 AI Product Demos 🎬 East Coast Premiere of #Inhuman documentary 🌐 Networking 🔗 Link to register in the comments! Independence Blue Cross Carolina Lobo Jake Dawson‏ Matt Barnett Chris Glanden Keith McMenamin #ai #phillytechcouncil #inhumandocumentary

October is Cyber Awareness Month – What are you doing to make Cyber Awareness Month significant to your organization?   SEVN-X is out there this month in public presentations and company internal presentations to help increase awareness of cyber threats and how to be safe, secure and prepared for cyber breaches.   Please share with us in a comment what you and your team are doing to make your organization more aware and more prepared for the cyber threat landscape.   Thanks in advance for your comments!   If we can be of help with your cybersecurity program, please contact @SEVN-X. As always, we are happy to help!   #MWM #SEVNX #cybersecurityawareness #cybersecurity #achievebettercybersecurity #pentest #happytohelp