MyLogIQ’s analysis of S&P 500 proxy statements for the 2021 and 2022 proxy seasons (as of March 17, 2022 filings) captured in this new report: “Cybersecurity Oversight Benchmarking Report,” revealed the following practices:
Board oversight disclosure rate - Nearly all companies (95%) disclose their board cybersecurity oversight structure, i.e., how they allocate oversight of cyberrisk among the board and key committees.
Oversight responsibilities - Of those that disclose how the board structures its cybersecurity oversight, the audit committee typically has primary responsibility (66%), followed by the full board at 15%.
Director cyber expertise - Just over 10% of S&P 500 directors were associated with cyber skill/expertise.
See our report in May 2021 on the results of a Society member benchmarking survey: “Society Members Speak! Cybersecurity Oversight” and additional resources on our Cybersecurity/Data Privacy page.
This post first appeared in the weekly Society Alert!