Cyber-Risk Oversight Resource Center

Cyber-Risk Oversight Resource Center

This resource center is a repository for all NACD content, services, and events related to the fast-moving and complex issue of cybersecurity oversight. Here you will find practical guidance, tools, and analyses tailored to the full board, relevant committees, and individual directors.

Videos and Webinars

ESG & Cybersecurity: How Boards Can Respond to Investor Concerns How to Lock Up a Cloud: Challenges in Changing Technology and Cyber Risk Cyber-Risk Oversight Boardroom Update: Threats and D&O Liability

Understand the Changing Cyber Threat Landscape

Managing Insider Risk in the Era of Remote Work NSA Cybersecurity Alert Prompts the Question: Is Your Organization at Risk? Considerations for Emerging Technology Communication is the Answer to Cyber Threats in a Crisis (Accenture) Consider Data Use Before an Incident Occurs How Board Members Become Cyber-Risk Vulnerabilities The Evolving Cyber Insurance Market The Economics of Cybersecurity The Impact of AI on Cybersecurity 2019 Cyber Threatscape Summary Report (Accenture) Why Cybersecurity is the Chief Challenge of Our Times Cybersecurity Must Be Considered a Tier-1 Business Risk

Develop the Appropriate Board Oversight Structure and Practices

Investors Are Worried About Cybersecurity: What Boards Should Do Preparing the Board to Go Beyond the Digital Frontier Cyber-Risk Oversight Handbook: Principles and Practices for Corporate Boards Board Oversight of Data Privacy Oversight of Cyber Risks in a Complex Regulatory Environment Current and Emerging Practices in Cyber-Risk Oversight Sample Board Assessment on Cybersecurity Culture

Assess the Effectiveness of the Cybersecurity Program                                

Cyber-Risk Oversight Handbook: Principles and Practices for Corporate Boards Understanding the Post-Breach Process Making the Right Investments for Cyber Resilience (Accenture) CISO and Director Perceptions of Each Other, and Themselves, Diverge Governing Digital Transformation and Emerging Technologies Why Your Next CISO Should Have Breach Experience Questions for Assessing Company’s Response Capabilities The Right Conversations to Have with Your CISO Why Humans are Still Security’s Weakest Link Cybersecurity Considerations During M&A Phases How to Build a Relationship with the CISO

Ensure Effective Management Reporting

Board-Level Cybersecurity Metrics Sample Cyber-Risk Dashboards What Directors Should Look for In Their Cybersecurity Briefing Getting the Right Metrics and Reports for Your Board Questions Directors Should Ask Management During a Breach

Cyber-Risk Oversight Certificate

Earn the CERT Certificate in Cybersecurity Oversight, issued by NACD and Carnegie Mellon University

Understand Relevant Legal and Compliance Implications

Regulatory and Cybersecurity Responsibilities Intersect for Boards California Consumer Privacy Act (CCPA) Factsheet Keep Up with Expectations About Data Privacy What Boards Should Know About the GDPR The Board’s Role in Data Privacy Oversight

Events

Cyber-Risk Oversight Certificate Master Class NACD Summit