Happy Friday. How, and how well, does your board oversee cybersecurity? The Securities and Exchange Commission will want to know, with a final set of strict cyber rules due soon. But companies shouldn't wait to find those uncommon directors who understand cyber governance, risk and legal experts are telling us. 

“Directors don’t grow on trees and, certainly, directors with cybersecurity experience don’t grow on trees,” said Kristy Littman, former chief of the crypto assets and cyber unit in the SEC’s enforcement group, at our WSJ Pro Cybersecurity Forum this week. Read our story. 

You can watch our full conversation with Littman, now a partner at law firm Willkie Farr & Gallagher. Catch other sessions at that link as well. 

Also today: More news and our weekly Executive Insights.

• The Russian Ministry of Foreign Affairs also said Apple collaborated with the U.S. National Security Agency to hack iPhones, including inside embassies in Moscow. (CyberScoop)
• Kaspersky, a cybersecurity company established in Russia that keeps separate legal entities in other countries, said the iPhones of some of its managers had been hacked using iMessages with malware attached that deploys spyware. 
• "The spyware then quietly transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation, and data about a number of other activities of the owner of the infected device," company founder Eugene Kaspersky said in a blog post. 

Progress Software file-transfer tool exploitable. A vulnerability in Progress Software's MoveIt Transfer utility can let intruders escalate privileges and take over systems, the company said. With no fix available as of Thursday, Progress offered mitigation steps. "it is extremely important that you take immediate action," the company said, "while our team produces a patch."

• The Cybersecurity and Infrastructure Security Agency also issued an alert about the problem. 

• Watch: Board directors are playing an important role in cybersecurity. Michael Montoya from Equinix and Friso van der Oord from the National Association of Corporate Directors offer a workshop to reinforce cyber knowledge for these executives.
• Watch: Has China’s slow postpandemic reopening changed the country’s outlook? Economics professor Keyu Jin and Zak Dychtwald, founder of Young China Group, discuss at WSJ’s CEO Council event in London.
• Read: Startups are racing to build electric-vehicle charging stations to meet new truck-emissions regulations in California. Here's how they hope to cash in on the state’s drive to electrify truck fleets.

The WSJ Pro Cybersecurity team is Deputy Editor Kim S. Nash (on Twitter @knash99), reporter James Rundle and reporter Catherine Stupp (@catstupp). Follow us on Twitter @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.