Home

Report

The SEC’s Cybersecurity Rule Didn’t Include Disclosure of Director Expertise. That Needs to Change

The SEC’s Cybersecurity Rule Didn’t Include Disclosure of Director Expertise. That Needs to Change

Zscaler
Pages 5 Pages

The research report by Zscaler highlights the inadequacy of cybersecurity expertise disclosure among S&P 500 companies, emphasizing the importance of clear communication to investors. Despite the SEC’s initial proposal to mandate such disclosures, the final rule omitted this requirement. The analysis found that while 82% of companies included a skills matrix in their proxy statements, only 17% listed cybersecurity as a standalone skill. Instead, cybersecurity was often bundled with other skills, leading to potential misinterpretation of a board's ability to oversee cybersecurity risks, thus posing a significant concern for investors.

Join for free to read

You Might Also Like


The CFO’s role in Cyber Disclosure
Guide The CFO’s role in Cyber Disclosure
PWC

THE SEC’S NEW MARKETING RULE: KEY TAKEAWAYS FOR ADVISERS
White Paper THE SEC’S NEW MARKETING RULE: KEY TAKEAWAYS FOR ADVISERS
Morgan Lewis

Director
Ebook Director
Fiserv

Include
Case Study Include
Mediatoolkit

More from Zscaler


Board Committee Oversight of Cybersecurity
Report Board Committee Oversight of Cybersecurity
Zscaler

S&P 500 Proxy Statements: What Companies Disclose About Their Cybersecurity Programs
Report S&P 500 Proxy Statements: What Companies Disclose About Their…
Zscaler

Enhancing Cybersecurity In the EU: An In-Depth Look at the NIS2 Directive and Its Impact On M&A/D
White Paper Enhancing Cybersecurity In the EU: An In-Depth Look at the NIS2…
Zscaler

Modernizing Cybersecurity for Healthcare
White Paper Modernizing Cybersecurity for Healthcare
Zscaler
© 2025 Contentree.  All Rights Reserved   |   Privacy and Cookies   |   Legal   |   Do not sell my info