Partner Research Report

Principles for Board Governance of Cyber Risk

By NACD Staff


Cyber-Risk Oversight

In brief: Cyber risk remains among the top risks facing business organizations today. The World Economic Forum’s Global Risk Report 2021 lists cybersecurity failure as a top “clear and present danger” and critical global threat. As with any major enterprise issue, it is important for the board of directors and leadership to set the tone at the top and define how their organizations must address cybersecurity. This document is the result of a collaboration between the World Economic Forum, National Association of Corporate Directors (NACD), Internet Security Alliance (ISA), and a working group of industry professionals. These organizations came together to build a set of consensus principles that recognized up-to-date techniques for cyber-risk governance. Building off existing cyber-risk oversight guidance that is captured in the NACD-ISA Handbook for US company directors, and through an iterative development process, this group developed six consensus principles for cybersecurity board governance.

Member-Only Content

For full access, please log in, or explore membership options.