Issue link: https://digital.shearman.com/i/1512772
Shearman & Sterling LLP 91 | Cybersecurity Responsibility for Cybersecurity Matters The number of Top 100 Companies that indicated that the board and/or a board committee had responsibility for cybersecurity matters Directors with Cybersecurity Experience The number of Top 100 Companies that specifically identified directors with cybersecurity or data security experience Cybersecurity Risk Management The number of Top 100 Companies that identified cybersecurity as part of the board's oversight role over risk management At the Top 100 Companies: Who has responsibility for Cybersecurity and/or Data Security/Privacy? 2021 2022 2023 2022 2023 2021 100 96 70 56 90 82 36 83 80 71 22 4 7 4 12 3 3 12 4 2 Board only Board and committee Committee only Not disclosed Cybersecurity *For several companies, responsibility for cybersecurity and/or data security/privacy is shared by two or more committees. The new SEC rule on cybersecurity disclosure mandates specific disclosures in this area, so all public companies should be preparing this disclosure for the next annual report. Directors with cybersecurity experience increased significantly in 2023 95 53 92 64 How Many Companies' Proxy Statements Describe the Board's and/or Committee's Process for Overseeing Cybersecurity Risk? If a committee is involved, Which committee? * 15 15 81 71 15 74 2 0 1 20 9 20 Audit committee Governance committee Risk committee Other Data