CISOs face increasing personal and criminal liability for improper or incomplete risk management and disclosure during cyber incidents. The SEC, DOJ and international regulators are targeting executives who knowingly omit or distort cyber risk information. Increasing attacks on IoT and OT device vulnerabilities Cyberattacks are increasingly driven by software vulnerabilities embedded in OT and IoT devices. The 2025 Verizon Data Breach Investigations Report noted that 20% of breaches were vuln...
