Boardrooms may soon be claiming more false expertise than your trivia team.

Upcoming SEC requirements call for board members who have cybersecurity knowledge. While there will likely be an early shortage of true “experts,” the change poses a long-term opportunity for security pros who want a shareholder seat.

“Boards are probably going to scramble to figure out how [to] make an existing member check the box, whether it’s someone who’s been the CIO or that is overseeing technology, but it’d be great over time if we see opportunities for true security professionals to step in and truly serve in the capacity, because they have the experience and the knowledge,” Erica Wilson, VP, global cybersecurity and privacy risk management at Reinsurance Group of America told a crowd at RSA this month.

Wilson was one of four speakers on a panel discussion that included Andrew Wilder, adjunct professor of cybersecurity at Washington University, Alan Berry, regional VP and CISO at Centene Corp, and Matthew Modica, VP and CISO at BJC HealthCare.

Who needs experts anyway? In March 2022, the SEC proposed mandated reporting of “material” cybersecurity incidents within 4 days and a “disclosure of cybersecurity expertise” on the board. Final regulations are expected soon.

While Succession viewers undoubtedly know that a board oversees a company’s management and strategy, shareholders have increasingly included cyber risk on the priority list, given the consequences of ignoring it. (One example: In November 2022, the FTC ordered the online alcohol marketplace Drizly and its CEO to bolster its security program after alleged failures exposed personal data of over two million customers.)

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Cyberattacks can really hurt your business. And not just by halting business ops. They also demolish customer trust and can leave you and your customers open to serious invasion.

The good news? You can prevent many of these cyberattacks with effective password management from the team behind NordVPN.

NordPass is an intuitive password manager that keeps your company secure and guards every digital entry point to your business. It’s the only password manager in the market that uses the XChaCha20 encryption algorithm (trust us, that’s the good stuff).

But don’t let the tech trick ya. NordPass is super easy to use. In fact, it’s so easy, your entire team can adopt NordPass—which is ideal, since password managers work best when everyone uses them. But no sweat if your team needs some help, because NordPass offers 24/7 tech support.

Start your 14-day free trial.

When it comes to protecting against cyber threats, the importance of the human element can’t be overstated. Human security is growing in importance to cybersecurity professionals who are noticing attackers increasingly focusing on social engineering as a means to access internal systems.

On April 5, RSA 2023 Advisory Board members Wade Baker, Virginia Tech professor and co-founder of Cyentia Institute, and Caroline Wong, chief strategy officer at Cobalt, delivered remarks during a roundtable discussion on human security.

Here are some of Baker and Wong’s comments on human security. You can watch the full replay of the conversation here.

These remarks have been edited and condensed for readability.

Caroline Wong:

In 1969, some really brilliant folks at UCLA and Stanford and a couple of other universities were like, “Hey, what if we shared computing power? And what if we could actually share this information with each other?” Fast-forward to 1985, the National Science Foundation says, “We’re gonna make this thing called NSF Net and it’s going to be this network of scientific computers and all these scientists.” What’s the worst that could happen? It’s literally scientists who are studying the atmosphere, and its interactions with the oceans, land, and sun.

Here we are, in the year 2023. And in my life...I am connected to the internet all the time. The internet was never built to be secure, the software that we write and that we use, there’s nothing making it secure unless we decide to do things like look for security vulnerabilities, find security vulnerabilities, [and] fix security vulnerabilities.

Keep reading here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

After a decades-long career at two of Silicon Valley’s biggest names, Marissa Mayer is setting her sights on a smaller problem: Your contacts list.

The former Yahoo CEO and early Google executive co-founded Sunshine, the maker of an app that uses AI to organize your network’s phone numbers and email addresses. The company next plans to tackle social groups and event scheduling with other products, including an upcoming app called Sunshine Circles.

And yes, she’s aware that these might not sound like the most exciting AI applications these days, but she thinks they can make a big difference.

“We mused about naming the company Mundane AI,” Mayer told Tech Brew. “How do you take cutting-edge AI and just apply it to everyday problems that we all have to deal with?”

Beyond how AI can clean up your phone, we spoke with Mayer—who holds two AI-focused degrees from Stanford—about the state of the search wars, her time at Yahoo, and where she stands on the fears around the technology’s future.

This conversation has been edited for length and clarity.

Tech Brew: As someone who worked on Google search very early on, how much potential do you think generative AI has to transform the experience?

Marissa Mayer: At Google, we always knew that search would eventually become much more about answers than just relevant links. And I think that this is going to push further in that dimension. Do I think people are always going to want to ask their search in a chat form? No. So, I do think that there will be other forms of search that still exist, though I think the format of the search results is going to change pretty radically. And the format that we’ve all come to know and love will diminish greatly over the next few years…I think that you’re gonna see that landscape shift quite a bit. And it’s going to happen pretty quickly.

Keep reading on Tech Brew.—PK

Today’s top IT reads.

Stat: 3.28 million. That’s how many fewer warrantless Section 702 searches of US residents’ electronic comms the FBI says it did in 2022 versus 2021—though critics remain insistent that’s still far too many. (The Register)

Quote: “There is no blanket hiring ‘pause’ in place...We’re being very selective when filling jobs that don’t directly touch our clients or technology.”—IBM spokesperson Adam R. Pratt on an alleged hiring pause, as the company mulls replacing up to 7,800 jobs with AI (the Washington Post)

Read: How to tell when a vendor’s claims about their next-gen AI tech are misleading. (CIO)