Cyber-Risk Oversight Resource Center
This resource center is a repository for all NACD content, services, and events related to the fast-moving and complex issue of cybersecurity oversight. Here you will find practical guidance, tools, and analyses tailored to the full board, relevant committees, and individual directors.
Videos and Webinars
Cybersecurity and Digital Transformation: The Audit Committee Perspective
Post-SolarWinds, What’s Next for Cybersecurity?
The Year Ahead in Cybersecurity: Key Issues for Directors
ESG & Cybersecurity: How Boards Can Respond to Investor Concerns
How to Lock Up a Cloud: Challenges in Changing Technology and Cyber Risk
Understand the Changing Cyber Threat Landscape
An Update on the State of the U.S. Securities and Exchange Commission’s Approach to Cyber Risk (NACD, Cyber Threat Alliance, and SecurityScorecard)
Cyber-Risk Oversight Amid Russia-Ukraine Tensions
Cyber-Risk Oversight Is Evolving: Are Directors Ready?
Four Lessons on the Cybersecurity Landscape from Summit Experts
The Growing Imbalance in Worldwide Cyber Warfare
Principles for Board Governance of Cyber Risk (NACD, ISA, and the World Economic Forum)
NACD Director’s Handbook on Cyber-Risk Oversight (2020 Edition)
2021 Cyber Threat Intelligence Report (Accenture)
Ransomware Response and Recovery (Accenture)
Colonial Pipeline Attack Fuels Questions, Comments, and Concerns
Cyber Resilience 2.0: Experts Talk Ransomware, Supply-Chain Risk, and Cloud Security
Financial Exposure and Cyber Risk Conversations
10 Questions for a Board Member to Ask About Cybersecurity
SolarWinds Supply-Chain Attack Besets Boards with Implications
Managing Insider Risk in the Era of Remote Work
NSA Cybersecurity Alert Prompts the Question: Is Your Organization at Risk?
Considerations for Emerging Technology
Innovating at Speed and Scale With Implicit Security (Accenture)
Communication is the Answer to Cyber Threats in a Crisis (Accenture)
Consider Data Use Before an Incident Occurs
Develop the Appropriate Board Oversight Structure and Practices
Why the CEO and Board Need to Prioritize Security Crisis Management
Eight Questions to Frame Data Privacy Discussions in the Boardroom
2021 Turbulence Connects Credit Ratings With Cyber Ratings and Insurance
How Transparent Is Your Audit Committee? Three Reasons to Increase Disclosures
How to Make Your Organization a 'Cyber Champion'
Four Steps to Analyze Ransomware Risk and Protect Critical Assets
One Year In: Crises Continue to Call for Cyber Resilience
Sample Cybersecurity Performance Dashboard
The State of Cyber-Risk Disclosures of Public Companies
Investors Are Worried About Cybersecurity: What Boards Should Do
Preparing the Board to Go Beyond the Digital Frontier
Cyber-Risk Oversight Handbook: Principles and Practices for Corporate Boards
Board Oversight of Data Privacy
Oversight of Cyber Risks in a Complex Regulatory Environment
Assess the Effectiveness of the Cybersecurity Program
The Cyber-Risk Data Gap Threatens Insurance Offerings
What Boards Should Know About Zero Trust
The Corporate Director’s Guide to Managed Cybersecurity Services (Accenture)
Personal Cybersecurity for Board Members
Enhancing Cybersecurity Oversight Disclosures—10 Questions for Boards
Building a Relationship with the CISO
Board-Level Cybersecurity Metrics
Cybersecurity Considerations During M&A Phases—Mergers and Acquisitions
Incident Response Tool
The Cyber-Insider Threat—a Real and Ever-Present Danger
Assessing the Board’s Cyber-Risk Oversight Effectiveness
Cyber-Risk Oversight Handbook: Principles and Practices for Corporate Boards
Understanding the Post-Breach Process
Making the Right Investments for Cyber Resilience (Accenture)
Ensure Effective Management Reporting
Improve Cyber-Risk Measurement Through Scenario-Scoping
Board-Level Cybersecurity Metrics
Sample Cyber-Risk Dashboards
What Directors Should Look for In Their Cybersecurity Briefing
Getting the Right Metrics and Reports for Your Board
Questions Directors Should Ask Management During a Breach
Cyber Risk Oversight Certificate
Earn the CERT Certificate in Cybersecurity Oversight, issued by NACD and Carnegie Mellon University
Understand Relevant Legal and Compliance Implications
Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (SEC Comment Letter)
America’s Path to Cyber Resilience (Accenture)
Still Burning: The Battle to Fight Cybersecurity Fire
US 2021 Cyber Agenda May Affect Liability, Disclosure, and Enforcement
Regulatory and Cybersecurity Responsibilities Intersect for Boards
California Consumer Privacy Act (CCPA) Factsheet
Keep Up with Expectations About Data Privacy
What Boards Should Know About the GDPR
The Board’s Role in Data Privacy Oversight
Events
Cyber-Risk Oversight Certificate
Master Class
NACD Summit
Understand Public-Private Partnership
Heads Up, Boards: The Executive Order on Cybersecurity Needs Your Attention
Report an Incident to Cybersecurity and Infrastructure Security Agency (CISA)
Learn About CISA’s Joint Cyber Defense Collaborative
U.S. Secret Service’s Cyber Fraud Task Forces: Defending American Financial Infrastructure
Understand the FBI’s Cyber Investigations Strategy