Good morning.
Cybersecurity is emerging as a hot topic for 2023. Not that it wasn’t in 2022. Indeed, cyber has been a loud and persistent background noise in business for years. But two things are turning up the volume: First, the escalation of U.S. and European military aid to Ukraine, which increases the risk that Russia turns to cyberattacks in response. And second, new SEC rules out this spring, that will place enhanced reporting requirements on companies.
Diligent CEO Brian Stafford, whose platform provides information to 750,000 directors and executives, told me yesterday that the cyber rules, which not only require rapid reporting of breaches but also call for reports on board oversight and expertise, have the potential “to have a bigger impact on board composition and training than ESG.” Stafford says the rules are part of a broader trend that is leading to a remake of corporate boards:
“The last decade of board members were former CEOs and CFOs. What we are seeing now is boards looking for way more expertise in different areas, to provide oversight. Most boards don’t have a former CISO (Chief Information Security Officer) on their board. They have become well-versed in cyber issues, but they don’t have specific expertise. Now, they are moving from generic CEOs to a group of individuals offering targeted expertise. It's not talked about enough, and it’s going to become a growing theme.”
Separately, there’s good news for companies struggling to build cyber and other tech expertise: tech talent is becoming easier to find, thanks to increased layoffs. Fortune’s Michal Lev-Ram looks at the trend for a story in the February/March issue of the magazine that you can read online this morning here.
Other news below.
Alan Murray
@alansmurray
alan.murray@fortune.com