In the context of investors' and regulators' increasing expectations of enhanced disclosure on cyber risk preparedness, mitigation, and oversight, "A Snapshot of the U.S. Cybersecurity Disclosure Landscape" from Boardroom Resources identifies these share-worthy examples of 2018 proxy disclosure on board cybersecurity oversight:
Cybersecurity and Information Security Risk Oversight
Our Board recognizes the importance of maintaining the trust and confidence of our customers, clients, and employees, and devotes significant time and attention to oversight of cybersecurity and information security risk. In particular, our Board and Enterprise Risk Committee each receives regular reporting on cybersecurity and information security risk. The Board and Enterprise Risk Committee receive presentations throughout the year on cybersecurity and information security topics. Our Enterprise Risk Committee also annually reviews and approves our Global Information Security Program and our Information Security Policy. In 2016, we updated our Enterprise Risk Committee’s charter to make explicit the Committee’s responsibility for reviewing cybersecurity and information security as well as steps taken by management to understand and mitigate such risks. At least twice each year, the Board discusses cybersecurity and information security risks with the Chief Operations and Technology Officer and the Chief Information Security Officer. Our Board received quarterly updates on cybersecurity and information security risk in 2017.
