New Bill Targets Cybersecurity Expertise on Boards of Directors

On December 17, 2015, Senators Jack Reed (D-RI) and Susan Collins (R-Maine) introduced, S2410, the Cybersecurity Disclosure Act of 2015, which would require public companies to disclose what cybersecurity expertise their Board of Directors ("Board") possesses. If enacted, this bill would require the Securities and Exchange Commission to issue new rules mandating that public companies describe any cybersecurity experience or expertise held by the members of their Board in the companies' annual reports or proxy statements. If a company's Board does not have any members with cybersecurity expertise, the bill would require the company "to describe what other cybersecurity steps taken by the reporting company were taken into account" by nominating committees when selecting potential board members.

This bill would not require public companies to elect Board members with any cybersecurity expertise. If enacted (which is highly uncertain), it might lead shareholders to pressure companies to include cybersecurity experts on their Board, or to strengthen and clarify how the Board is advised and educated about cybersecurity threats. Even if the bill is not enacted into law, its introduction still may raise shareholder awareness about the need for Board members to better understand and address cybersecurity threats.

This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.