Bass, Berry & Sims attorneys Tony McFarland and Jay Knight provided insight for an article published in The Wall Street Journal's Risk & Compliance Journal on the impact of the proposed Cybersecurity Disclosure Act. The article discusses the potential effect the Act will have on companies if it is passed. The Act would require companies to disclose whether any board members have cybersecurity "experience" or "expertise," although opponents argue that the bill fails to define either. "This bill is not likely to go anywhere any time soon, but it does have value to the extent it demonstrates that influential senators have concerns that public companies should make information available about the cybersecurity experience or expertise," Tony said.
While the emphasis on cyber protection is clear, Jay notes that the bill fails to take into account the board member's oversight function and the ability to bring in experienced advisors as needed to help guide cyber decisions. "Directors are not tasked with having expertise on everything they oversee," Jay explained. "They need to rely on experts to fulfill their duties."
The full article, "The Morning Risk Report: Boards Put on Notice About Cyber Expertise," was published by the Wall Street Journal's Risk & Compliance Journal on February 3, 2016 and is available online.