Governance Surveys
2025 Public Company Board Practices Oversight Survey
Data Pack: Cybersecurity
Which of the following cyber-risk oversight practices has the board performed over the past 12 months?
|
Cyber-Risk Oversight Practices |
Value |
|
Reviewed the company’s current approach to protecting its most critical data assets |
76.54% |
|
Reviewed the most significant cyber threats |
73.46% |
|
Reviewed the company’s cyberbreach response plan |
70.99% |
|
Assessed risks associated with third-party vendors or suppliers |
61.11% |
|
Assigned clearly defined roles to its standing committees with regard to cyber-risk oversight |
42.59% |
|
Participated in a test of the company’s response plan |
32.72% |
|
Assigned clearly defined roles to the full board with regard to cyber-risk oversight |
29.01% |
|
Considered adding a standing committee focused on cyber-risk oversight |
9.26% |
|
|
n=162 |
This table comes from the Cybersecurity section of the 2025 NACD Public Company Board Practices and Oversight Survey.
Final Day to Save $500 on NACD Directors Summit™ 2025
Register by midnight to lock in your savings.