The greater use of computer technologies to conduct business increases the risk of cybersecurity incidents and data incidents at public companies. It is necessary for both corporations and auditors to understand internal controls over financial reporting (ICFR) related to cybersecurity and information technology. Due to the proliferation of attacks, accompanied by a variety of challenges associated with implementing effective controls meant to minimize the threats, cybersecurity has emerged as an ongoing corporate governance risk and audit risk.

In this article, Audit Analytics examines the increase in cybersecurity breaches disclosed by public companies since 2011.