Joe Grundfest, Professor of Law and Director of the Rock Center for Corporate Governance at Stanford Law School and former Commissioner of the SEC discusses when and how boards of directors need to become involved with cybersecurity issues and provides best practice tips for boards in grappling with cybersecurity issues: 

• While one or two members of the board need to have a “minimal footprint” – be sufficiently conversant – in cybersecurity, ideally the board should still be advised by an outside “cyber advisor”
• Tabletop exercises are a useful look into the strength of a company’s cybersecurity defenses -- a breach could have long-lasting negative implications
• Boards should seek outside help because cybersecurity issues are qualitatively different than the other issues that a board usually considers

Hear other podcasts >