In the wake of the global pandemic and corporate workforces being distributed in remote locations, cyber attacks and ransomware risks have multiplied, highlighting new vulnerabilities for boards and corporations to address. In addition, the Securities and Exchange Commission issued final rules last July that require issuers to disclose material cybersecurity incidents four business days after the company determines the incident is material, and to disclose annually information regarding cybersecurity risk management, strategy, and governance. This session will not transform you into a cybersecurity expert, but it will help you to become a more knowledgeable corporate director, better informed about state-of-the-art approaches that corporations can deploy to reduce the risk of damage from a significant cyber attack and respond appropriately to ransomware threats. It will also highlight the techniques that boards and corporations can deploy to better identify an incident and help minimize the damage once an attack has been discovered. The session will review steps that boards can implement to help ensure that management is responding to these threats in an appropriate and timely manner. The panelists will share practical lessons and risk mitigation techniques regarding prominent recent cyber breaches, discuss the value of cyber insurance, explore the challenges of assessing the materiality of a cyber incident and meeting disclosure obligations in a timely manner, and consider when and how companies might cooperate with law enforcement, government agencies, or other firms in the industry.

Focus on board composition and director performance has never been greater. With regulations and listing standards requiring disclosure of board diversity and expertise in climate and cybersecurity, the rise of activist investors with an increased focus on individual directors under the universal proxy, the complexity of operating in a global marketplace, and additional scrutiny on directorial independence, corporations are under increasing pressure to assemble a board with the right mix of experience, specialized skills, industry-specific expertise, international exposure, and gender, racial, ethnic, and age diversity. Many shareholder advisory firms and institutional investors argue that director tenure should be scrutinized more heavily, with some advocating term limits or mandatory retirement ages to refresh boards with entrenched directors or stale skill sets, and to accelerate the turnover of board seats. In addition, uncertainty can abound as to whether and when directors qualify as independent, and new procedures may be necessary to address that uncertainty. Taken together, these pressures can force nominating and governance committees to reconsider the process by which they assess board composition, identify board candidates, onboard new directors, and evaluate individual director performance. This session will discuss successful strategies for ensuring that companies focus on long-term planning for board succession to build and maintain a board with the right mix of director skills and backgrounds given the company’s current and projected needs.