Many S&P 500 companies disclosed they have not experienced past material cybersecurity incidents; however, geopolitics and remote work have heightened cybersecurity risk.
The past 12 months have continued to demonstrate significant volatility and uncertainty in the business environment and broader society, including tectonic shifts in disruptive technologies like Generative artificial intelligence (AI), continued economic upheaval, systemic banking risks, complex domestic and global politics, rising workforce activism, ongoing regulatory reform, devastating natural disasters, and the long-term effects of the pandemic. Public companies continue to be challenged to create and protect enterprise value and stakeholder trust in the face of these and other significant risks.
In this context, Deloitte and the USC Marshall School of Business Peter Arkley Institute for Risk Management (USC Marshall Arkley Institute for Risk Management) have conducted their third annual review of risk factor disclosures of Standard & Poor’s (S&P) 500 companies, identifying key trends in the nature and form of these disclosures. This analysis has shown that companies are continuing to report an average…
