SEC Commissioner Kara Stein articulated her views about board cybersecurity oversight (among other things) in this speech last week: "From the Data Rush to the Data Wars: A Data Revolution in Financial Markets." Most notably, she: (i) supported the notion of boards retaining independent experts to provide advice on technology and cybersecurity if they lack independent expertise on the board; (ii) advised independent directors to meet with the company's CISO in executive session at least 2x/year to facilitate candid dialogue about "culture, tone and and the resources dedicated to both prevention and resiliency"; and (iii) emphasized the board's duty to affirm that the company's disclosures adequately reflect its significant cyber risks.