"Cybersecurity Responsibility Expands to Corporate Boards" from Corporate Compliance Insights is particularly noteworthy for the color it provides to utilizing a company Disclosure Committee (either previously established for SOX 302 financial reporting purposes or a new committee) to effect key aspects of the SEC's 2018 cybersecurity guidance. While company practices differ, the article's suggested approach to ensuring that relevant information about cybersecurity risks and incidents is captured, assessed, and reported up the ladder to ensure fully informed disclosure decision-making is easily adaptable to different organizational structures and other company-specific circumstances.
See our prior reports: "Disclosure Committee Basics" and "Disclosure Committee Practices," and additional information & resources on our Cybersecurity and Insider Trading/Section 16 pages. This post first appeared in the weekly Society Alert!