Blog Posts Tagged With Board of Directors

Subscribe to Board of Directors RSS Feed

2018 SEC Cybersecurity Guidance on Board Oversight

On February 21, 2018, the Securities and Exchange Commission (“SEC”) issued a statement and interpretive guidance on issuers’ cybersecurity disclosures.   For a general discussion of the guidance, see Davis Polk’s recent Client Memorandum.  Although the guidance does not impose any new requirements on issuers, the SEC’s emphasis on Board oversight of cybersecurity provides new meaning on existing requirements.

The SEC notes that “[t]o the extent cybersecurity risks are material to a company’s business,” its … Continue Reading

After Equifax, to Whom Should the CISO Report?

During congressional hearings earlier this month, senators grilled Richard Smith, the former Equifax CEO, on the company’s reporting structure for cybersecurity; specifically, on the appropriateness of Equifax’s CISO reporting to the general counsel.  This has caused several companies to question their own reporting structures for cybersecurity issues.  So what is the right structure for CISO reporting?  As usual, there is no one right or wrong answer.

We have seen many different reporting structures for CISOs … Continue Reading

Davis Polk Memo – Banking Regulators Float Broad Cyber Risk Approach

We have issued a memo on recent proposed U.S. federal banking regulations that could significantly expand the existing cybersecurity regulatory framework for covered financial institutions. The Enhanced Standards intend to strengthen cyberattack preventative measures and post-attack responses.

Read the Full Memo »Continue Reading

LexBlog