Public company directors participating in Corporate Board Member’s May 2022 Director Confidence Index (in partnership with Diligent Institute) reportedly did not register significant concerns at this stage about the SEC’s proposed cybersecurity incident reporting and disclosure proposal, generally indicating an expected moderate impact on the company associated with the proposed rule’s incident reporting and updating requirements and governance disclosures.
That said, nearly one-third of directors said their board is looking to upskill current directors and executives on cybersecurity oversight and management in response to the proposal, while 25% said they plan to bring in outside consultants to assist the company’s compliance with the proposed requirements.
Many comments expressed by participating directors and included in the Corporate Board Member report reveal that at least some directors are not too keen on the proposal, describing it as overly simplistic, unnecessary, impractical, costly, and beyond the SEC’s scope, among other things.
As previously reported, the Society submitted this comment letter in response to the SEC’s request for comments on the proposal.
Access additional resources on our Cybersecurity/Data Privacy page.
This post first appeared in the weekly Society Alert!