Should your board of directors include a cybersecurity expert?

The pros and cons of proposed legislation to identify a board’s cybersecurity pro.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Should companies have a cybersecurity expert on their board of directors? The federal government seems to think so, and increasingly so do security and risk professionals, although companies would prefer to make that decision without government involvement, according to a sampling of industry pros.

A disclosure bill introduced by the U.S. Senate in December would ask companies to disclose whether they have a “cyber security expert” or equivalent measure on its board of directors. While no action is required if no expert currently has a seat on the board, the company would need to provide an explanation for how it is approaching cybersecurity.

Many questions still need answered, such as what skills would qualify a board member as a cybersecurity expert.The SEC and the National Institute of Standards and Technology would be given a role in evaluating cybersecurity experts’ qualifications, but it’s not clear what those qualifications are. NIST would not comment on pending legislation.  

To continue reading this article register now

Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.