The SEC recently proposed new rules that would require U.S. public company boardroom disclosure of corporate directors with cybersecurity expertise. This is currently a relatively rare skill set within the ranks of most corporate boards, not just in the U.S. but worldwide. The SEC wants deep operational competencies in cybersecurity in the boardroom, as they did with financial expertise. The SEC expects adding this director competency to U.S. public company boards will strengthen the boardroom as a critical control point in every company’s cybersecurity system. As happened with SOX, regulators around the world will also likely mirror this requirement, creating a global acceleration of cyber board transformation.
The Privacy & Cybersecurity team at Michael Best can guide you in preparing to be compliant with these proposed rules or shoring up your cybersecurity controls even if the SEC rules do not apply.
This is a very demanding area and most companies now recognize that cyber-threats can cause serious harm. You need people who understand this space and have a much deeper working practitioners’ knowledge of these issues.