Financial reporting scandals of the early 2000s led to the creation of the Sarbanes-Oxley Act, or SOX, which established greater accountability, including around cybersecurity, for U.S. publicly traded companies and publicly traded non-U.S. companies doing business in America.
Knock Your SOX Off
SOX established extensive requirements for publicly traded companies to establish internal auditing controls and procedures for financial reporting. Trustwave can help you implement the necessary controls and respond to reporting requirements to adhere to the regulation.
SOX: Fast Facts and Consequences
- The act was passed on July 30, 2002, in the wake of the Enron, WorldCom, Tyco International and other high-profile corporate scandals.
- While the law does not promulgate specific IT provisions, it requires that an independent auditor attest to management's assessment of the efficacy of internal controls, including security systems.
- The U.S. Securities and Exchange Commission recently published new guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.
- CEOs and CFOs who purposefully submit wrong certifications face up to 20 years in prison and fines up to $5 million.
The Best of Both Worlds: Blending Best Practices with New Security Protocols
Cybersecurity is an ever-evolving discipline. Attacks change, technologies come and go, processes adjust, new compliance mandates are introduced, and people are there to hold it all together. But none of this is new, and it is not likely to change much. It’s the way of life for today’s security organizations.
Tailored for Your Organization
Our compliance and risk assessments involve various policies, procedures and practices which we evaluate through documentation review, interviews, facilities inspection, controls assessment and examination of your current security architecture.
Extensive and Experienced Support
Our team of seasoned compliance support analysts is available 24x7x365 to aid financial institutions, which are heavily targeted by attackers and can be stretched to the limit as a result.
Security Portfolio Enables Compliance
If your security stance is mature, compliance with SOX will be a natural byproduct. Our suite of security products and managed services helps protect critical assets and combat advanced threats.
Supported by Industry-Leading Threat Intelligence
Our elite SpiderLabs team and federated global network of security operations centers produce unique threat intelligence that helps us prevent, monitor and respond to your security events.
SOX requires that publicly traded companies are able to attest to the effectiveness of their internal controls over financial reporting, and this now includes cybersecurity. Here are some of the ways we can help:
Managed Security Services
Reduce risk with managed security services that evolve processes, elevate data protection strategies and advance the way you monitor for, detect and respond to threats.
Managed Security Testing
Receive on-demand, precision-based penetration testing with just a few clicks of a mouse. With a subscription, you can log in to the portal and schedule testing of vulnerabilities in databases, networks and applications.
Enterprise-Grade Data Security
Identify security lapses and ensure your information repositories stay protected from internal gaffes and nefarious attackers, while maintaining compliance with SOX.
Incident Readiness and Response
Prepare for and react to security incidents and breaches with the help of our SpiderLabs team, which identifies root causes of incidents and communicates responses in a way your team and management can understand.