SEC cybersecurity rules requires companies to specify how and the process by which the board oversees risk from cyberthreats, the subcommittees involved in oversight, and whether and how management updates the board and subcommittees.
The study draws on a sample of over 1,000 C-Suite and board members and analyzed their personal devices and home network security and privacy. 87% of executive devices have no security measures at all installed.
Litigation against corporate board members and C-level executives for data privacy and security claims is on the rise. Recently, plaintiffs have targeted corporate board members and C-level executives alleging that their data privacy–related claims result from a breach of fiduciary duties.