Questions Directors Can Ask to Assess the Board’s “Cyber Literacy”

In brief: Cybersecurity should be considered an enterprise-wide, cross-departmental issue that is integrated into full-board discussions. As directors’ responsibilities around cybersecurity increase, boards should ensure they are providing adequate cyber-risk oversight. Produced in the NACD Director’s Handbook on Cyber-Risk Oversight, these questions provide boards with a template for assessing their cyber literacy.

This resource can help your board

  • Determine the company’s most valuable assets and how to protect them.
  • Consider investments in cybersecurity and cyber insurance.
  • Create lines of accountability/responsibility for cybersecurity.

Most relevant audiences: the full board, general counsel, risk committee members, and audit committee members