In practical terms, this means that, just as it does for financial reporting, every corporate board should:   Create a cybersecurity committee (just like its audit committee); Engage an independent cybersecurity firm to conduct an annual cybersecurity audit (just like an independent accounting firm conducts and signs off on an annual financial audit); and Add cybersecurity expertise and knowledge to the board (sitting right beside the board’s accounting and financial… [read post]