Sectoral Cybersecurity Research Outcome Report - ABRASCA and SDL[Rapport de Résultats de Recherche Sectorielle sur la Cybersécurité - ABRASCA et SDL]

This report presents findings from the "Sectoral Cybersecurity Research 2023," an endeavor initiated by ABRASCA - the Brazilian Association of Publicly Traded Companies, facilitated through its Corporate Innovation Committee via the Capital Markets Lab and SDL - The Security Design Lab. The primary objective of this research is to assess the cybersecurity maturity level of publicly traded enterprises, offering insights into their current standing and raising awareness regarding the criticality of this matter within the Capital Markets sphere. The escalating concern among stakeholders, including investors, advisors, and executives, underscores the significance of addressing cybersecurity issues. This concern is further compounded by the increasing frequency of cyber incidents in recent years, which have adversely impacted the reputations and operational continuity of affected organizations. Consequently, regulatory bodies and governmental authorities have been prompted to scrutinize and respond to this emergent layer of complexity within the business landscape and broader society. The outcomes of this research endeavor are intended to furnish empirical data that can inform discussions and advocacy initiatives aimed at shaping future Cybersecurity Policy or Legislation specifically tailored for publicly traded entities. Furthermore, these findings may contribute to the formulation of a self-regulatory framework within the entity, paving the way for the establishment of a comprehensive Cybersecurity Governance and Management Program. In addition to its substantive contributions, this research initiative has also catalyzed the development of an accompanying "Information Security Guide," which is launched in tandem with this report, offering practical insights and recommendations for stakeholders navigating the cybersecurity landscape.