Security News > 2023 > October > What is operational risk and why should you care? Assessing SEC rule readiness for OT and IoT

Of particular concern is whether public companies who own and operate industrial control systems and connected IoT infrastructure are prepared to fully define operational risk, and therefore are equipped to fully disclose material business risk from cyber incidents.

Operational risk in OT and IoT. Cybersecurity incidents continue to disrupt production, with companies like Clorox reporting product shortages a month after disclosure.

Operational risk refers to any situation that causes a loss of view or loss of control to your connected processes and functions, where view and/or control cannot be recovered automatically or remotely from manipulation.

The reactive nature of cybersecurity has led to a reality in which boards and executive leaders attempt to mitigate risk by tasking security teams to avoid risk.

The SEC rule requires organizations to report how they do enable security teams and managers to understand, evaluate, and mitigate material risk.

Due diligence for operational risk will build the muscle and resilience required for the long run.

News URL

https://www.helpnetsecurity.com/2023/10/25/operational-risk/