Improve Disclosures and ControlsWith threats of nation-states infiltrating supply chains and landmark laws being passed, cybersecurity and privacy are critical aspects of director oversight. Recent court decisions and speeches from the SEC have made it clear that directors are not able to delegate cybersecurity oversight: directors each have the responsibility to personally understand cybersecurity risk and ask appropriate questions. Directors must focus on internal controls to guard against cyber-threats (including accounting, cybersecurity and insider trading) and expand diligence of thirdparty suppliers. Integrating both privacy and security by design will be critical to minimizing ongoing risk of cybersecurity breaches and state and federal enforcement.

Source: Click here