Deloitte's new "Cybersecurity risk management oversight and reporting" discusses the implications of the new American Institute of Certified Public Accountants (AICPA) cybersecurity attestation reporting framework (which we recently reported on here - see "AICPA Releases Cybersecurity Reporting Resource for CPAs," and here) and, specifically, how companies can benefit from voluntarily adopting the framework in the context of increasing scrutiny and pressure from investors, customers, regulators and others concerning corporate cybersecurity practices.
The report makes a good case for the multiple benefits potentially attainable from utilizing the framework, including greater transparency, independent and objective reporting (which provides a greater degree of assurance to investors and others), and operational efficiencies resulting from the use of one reporting mechanism that is responsive to multiple stakeholder interests including boards, the media, investors and analysts, regulators/federal agencies, vendors and business partners, and existing and prospective clients/customers.