SEC Sparks Demand for Cyber-Savvy Board Directors
New SEC rule changes are expected to require public companies to formally disclose the cybersecurity expertise of board members, as well as the board’s governance practices in overseeing the cybersecurity risk for the company.
The added transparency resulting from the new SEC rules will provide shareholders with a clear understanding of a board’s cybersecurity expertise.
A Shortage of Board-Level Cyber Expertise
On most boards, cyber understanding is insufficient. Recent quantitative research by The CAP Group revealed that 90% of Russell 3000 companies lack even a single board director with cybersecurity expertise.1 This highlights the opportunity to remedy this potential skill shortage in 2023 and beyond. In response, many companies will likely be compelled by the market to appoint a board director with proven cybersecurity expertise. CISOs appear to be one logical pool of candidates to fill this gap, but the question arises as to whether CISOs possess the qualifications to serve as effective board members. Additionally, there are questions in the market as to how many credible board-ready CISOs are available for this role.
Identifying Board Traits – CISOs as Board Members
To address these concerns, IANS Research, Artico Search and The CAP Group collaborated on a research study that evaluated the qualifications of CISOs in companies listed on the Russell 1000 Index, against the characteristics of credible cyber director candidates for corporate boards. These characteristics will be referred to as “board traits” throughout this report.
We sourced this data from publicly available sources, including data from LinkedIn, executive bios, speaking bios, press releases and interviews. We also cross-referenced this data against self-reported information from IANS’ and Artico’s annual CISO Compensation and Budget study and verified and supplemented it with our firsthand knowledge of the representative sample.
A cross-disciplinary team of cybersecurity experts and data scientists analyzed the data, resulting in a comprehensive study of the board readiness of CISOs across the Russell 1000. This report presents key findings from the study, along with quotes and insights from Steve Martano, a partner and executive recruiter in Artico Search’s cyber practice, and Brian Walker, the CEO and cyber board advisor at The CAP Group
Download the full analysis here.
