Bipartisan federal legislation, the Cybersecurity Disclosure Act  of 2015 (S. 2410), was recently introduced in the U.S. Senate by Senators Jack Reed (D-RI) and Susan Collins (R-ME), who both

serve on the Senate Select Committee on Intelligence. The bill was referred to the Senate Banking Committee (on which Senator Reed sits) and will now be considered by that committee. The bill would require public companies to disclose whether any Board member has experience or expertise in cybersecurity, and to describe the nature  of that experience or expertise. If no Board member has cybersecurity experience, the company would have to disclose why the Board concluded that it was not necessary to have cybersecurity expertise on the Board of Directors – for instance, due to existing cybersecurity measures or to the company’s other specific circumstances. The

SEC would be charged with issuing rules detailing these disclosure requirements.