Lucian Niemeyer, CEO of Building Cyber Security, participated in a video interview in conjunction with Nareit’s REITwise: 2023 Law, Accounting & Finance Conference held March 21-23 in Phoenix, Arizona.
Niemeyer said that companies first need to understand what their cyber risk is before they can ensure that their data and operations are secure.
“Every company has a different set of priorities as far as what’s the existential risk to their brand, to their employees, to their operations,” he said. “So it starts with: ‘What can happen to us that will cause us the most harm?’”
Niemeyer added that companies can start implementing “easy” programs, like cyber hygiene protocols.
“You can cut down a lot of risk at the corporate level just by a little more diligence,” he said.
Niemeyer said the SEC is “doing the right thing” with its proposed rules that call for enhanced required disclosure of cyber security incidents in corporate filings.
“When you look at what a cyber attack can do to the valuation of an asset or the valuation of a company, it’s pretty significant,” he noted. “Shareholders and investors need to know what the risks are and what a company is doing to mitigate the risk.”