‘Fully Loaded’ Proxy Statement Key in Demonstrating Vigilance Against Attacks

Bloomberg BNA’s Corporate Law & Accountability Report is available on the Corporate Law Resource Center. This news service keeps corporate practitioners informed of legal developments of...

By Che Odom

Jan. 13 — Attorneys consulting companies on proxy statements suggest that boards address cybersecurity in a detailed way this season to demonstrate to shareholders that directors will be vigilant against hackers.

“It is best to go into your proxy solicitation with a fully loaded proxy statement,” Rhonda L. Brauer, senior managing director of corporate governance at Georgeson Inc., said during a Jan. 13 webcast sponsored by Georgeson and Latham & Watkins LLP.

Companies should address cyber risks and consider going “beyond what is legally required” to address concerns, she said.

The webcast, “2015 Proxy Season: What You Should Know as You Draft Your Proxy Statement and Prepare for Your Annual Meeting,” was held a day after U.S. Central Command was forced to take its Twitter account offline after hackers commandeered it to post threatening messages to U.S. service members .

Legislation Possible

Although the Securities and Exchange Commission has not issued any new disclosure requirement concerning cyber risks, President Obama and members of Congress are discussing the need for further legislation in this area, Steven Stokdyk, a partner in Latham's Los Angeles office, said during the webcast. Companies must stay on top of the political debate in Washington, as well as whatever concern shareholders express about the issue, he said.

“It is all over the news today, with Sony” and the Twitter hack, he said. “We are carefully focused on adding additional thoughts” in communications with shareholders.

Although companies should avoid generic disclosure, they can provide information that allows investors to appreciate the nature of the risks without compromising a company, said Stokdyk, global co-chair of Latham's public company representation practice.

Offer Details

Businesses in especially vulnerable industries should consider offering more detailed disclosure to stockholders, he said.

When it comes to cybersecurity, investors are likely to look closely at director qualifications for those who may be able to question management and outside experts on relevant matters, he said.

At a minimum, boards should be familiar with how their companies match up with the risk management framework created by the National Institute of Standards and Technology, he said, which may begin to appear in shareholder proposals, as well as more recommendations from Institutional Shareholder Services Inc.

Georgeson is a provider of strategic shareholder consulting services to corporations and shareholder groups.

To contact the reporter on this story: Che Odom in Washington at codom@bna.com

To contact the editor responsible for this story: Ryan Tuck at rtuck@bna.com

An archive of the webcast is available at http://www.lw.com/events/2015-Proxy-Season-Drafting-Proxy-Statement-and-Preparing-for-Your-Annual-Meeting.