Future of the American Board

Blue Ribbon Commission Reports

Navigating Your Board Career

2025 Public Company Board Practices Oversight Survey

Data Pack: Cybersecurity

07/28/2025

 

Which of the following practices have you or your board conducted over the past 12 months to gain a better understanding of cyber-risks facing the organization?

 

Cyber-Risk Oversight Practices

Value 

Participated in individual-director educational activities (attending webinars, classes, conferences, etc.) to learn more about how cyber-related issues could affect the business

72.02%

Communicated with management about the types of cyber-risk information the board requires

67.86%

Leveraged external advisors (e.g., consultants, law enforcement, or other government agencies) to understand the risk environment

61.90%

Leveraged internal advisors, such as internal audit or the general counsel, for in-depth briefings

58.33%

Attended full-board education events on cyber risk

36.31%

 

n=166

 

This table comes from the Cybersecurity section of the 2025 NACD Public Company Board Practices and Oversight Survey.

Final Day to Save $500 on NACD Directors Summit 2025 

Register by midnight to lock in your savings.

Register Now