The Conference Board uses cookies to improve our website, enhance your experience, and deliver relevant messages and offers about our products. Detailed information on the use of cookies on this site is provided in our cookie policy. For more information on how The Conference Board collects and uses personal data, please visit our privacy policy. By continuing to use this Site or by clicking "OK", you consent to the use of cookies. 
Cybersecurity Working Group

Cyber-attacks emerge, evolve and shift in real-time, creating a complex risk environment that corporate stakeholders are struggling to respond to. Some cybersecurity experts opine that while the nature of cybersecurity risk is - to a certain extent - unique relative to other enterprise risk elements (i.e., it is an active risk that is being directed and manipulated by adverse parties), it needs to be put into the context of how all risks are managed and shouldn’t be treated differently from a governance perspective. Others believe that while cybersecurity risk needs to integrate into the overall governance risk framework, its unique nature requires a unique board governance oversight approach.

The mission of the Governance Center Cybersecurity Working Group is to explore these divergent viewpoints, as well as to suggest effective governance practices that address the question: How can directors and C-suite executives carry out their cybersecurity risk oversight responsibilities effectively to carry out their fiduciary duties, govern this complex risk environment and address the changing expectations of institutional investors and other external stakeholders?

In collaboration with Deloitte, we will share learnings and provide practical guidance that will help internal corporate stakeholders (including directors and C-suite executives) understand cybersecurity risks and encounter oversight challenges.

Related Research and Writings

On Governance: Government Relations Expanding Role in Cybersecurity Risk
September 2018 | Bob Zukis, Senior Fellow, Corporate Governance, The Conference Board
Cybersecurity governance and the broader issues around digital governance are emergent competencies in the corporate boardroom. Being proactive and building a coordinated enterprise approach to these issues is a good starting point and GR has a key role to play.

Cybersecurity: Crucial Collaborations: Highlights from The Conference Board 2018 Cybersecurity Conference
August 2018 | Webcast
This webcast provides insights from the Cybersecurity Conference: Crucial Collaborations, New York City, January 18-19, 2018.

23 Truths about Cybersecurity: Insights from the Cybersecurity Conference: Crucial Collaborations
February 2018 | Conference KeyNotes
This publication provides insights from the Cybersecurity Conference: Crucial Collaborations, New York City, January 18-19, 2018.

CEO Challenge 2017: Leading through Risk, Disruption, and Transformation—US Report
April 2017 | Key Business Issues
In this year’s survey, respondents in the United States are heavily focused on talent issues, including developing the next generation of leaders for the digital age, as well as cybersecurity, employee healthcare, corporate tax reform, the growth of terrorism, and the possibility of global recession..

Emerging Practices in Cyber Risk Governance
October 2015 | Key Business Issues
This report explores the lessons of the massive cyber hacks of Target, JP Morgan Chase, Anthem, and Sony and outlines best practices for proactive cyber risk governance.

Emerging Practices in Cyber Risk Governance (CEO Strategic Implications)
October 2015 | Key Business Issues
Is your company at risk for a cyber security breach? This report explores the impact of hacks of Target, Sony, JP Morgan, and Anthem and makes recommendations for better cyber risk governance.

Reframing the Issue: New Ways to Think about Cyber Risk and Security
December 2013 | Council Perspectives
Cyber risk is just one of many operational risks, and, from a business viewpoint, mitigation of cyber risk should focus on fundamental risk management, corporate resilience, and managing human behavior.

Related Webcasts and Conferences

Cybersecurity: The Leadership Imperative
On Demand - June 15, 2017

Cybersecurity Risk Oversight
September 13, 2016

A Cross Functional Conversation about Cybersecurity Risk
On Demand - March 16, 2016

Emerging Practices in Cyber Risk Governance
On Demand - December 3, 2015


Back to Working Groups.


For information on membership in The Conference Board ESG Center, please contact Drew Buckley, Director, New Business Development, at or +1 212 339 0496.

Insight Minute- Emerging Practices in Cyber Risk Governance

Andrea Bonime-Blanc
Emerging Practices in Cyber Risk Governance

View More

Director Notes Archives

Founded in 2010 by Matteo Tonello, Director Notes is a series of online publications in which The Conference Board engages experts from several disciplines of business leadership (including corporate governance, risk oversight, and sustainability) in an open dialogue about topical issues of concern to member companies.