The Importance of Board Member Training on Cyber Risk and Strategy

Kira Ciccarelli

Cybersecurity is a critical concern for businesses of all sizes and industries. As more and more companies rely on technology to conduct their operations, the risk of cyberattacks increases. To protect their organizations from these threats, directors and executives must have a thorough understanding of cyber risk and strategy.

Cybersecurity consistently tops board agendas. According to findings from What Directors Think, an annual survey of directors conducted by Diligent Institute and Corporate Board Member, cybersecurity is ranked as the most challenging issue for boards to oversee, even as digital/technology strategy ranked as the second most common strategy for organizations to focus on in 2023-24.

Why Should Directors Get Educated on Cyber Risk and Strategy?

One of the most important reasons for directors to receive training on cyber risk and strategy is to ensure compliance with laws and regulations. Many industries are subject to strict cybersecurity regulations, such as the healthcare industry’s HIPAA and the financial industry’s Gramm-Leach-Bliley Act. Directors who are not familiar with these regulations may inadvertently put their company at risk of noncompliance.

In addition to compliance, training on cyber risk and strategy can help directors make informed decisions about the security of their organization’s data. Directors who understand the potential risks and vulnerabilities of their company’s technology systems are in a better position to dictate the organization’s risk appetite in this area. This then allows the CISO to formulate an effective, tailor-made plan for the organization to better protect sensitive information, such as customer data.

Another benefit of training on cyber risk and strategy is that it can help to identify and mitigate potential threats. Directors who are familiar with the latest cyber threats can better see around corners and understand what evolving cyber risks may be on the horizon. Once directors have a clear understanding of the cyber risk landscape, they can better guide management when it comes to strategic planning, implementing security protocols such as firewalls and intrusion detection systems, and conducting regular security audits.

Finally, training on cyber risk and strategy can help directors to build trust with customers and stakeholders through establishing a culture of security from the top down. Companies that take cybersecurity seriously and invest in protecting their data are more likely to be trusted by their customers and partners. This can lead to increased customer loyalty and better business opportunities.

Introducing the Diligent Institute Cyber Risk and Strategy Certification 

The Diligent Institute Cyber Risk and Strategy Certification is a comprehensive training program to help corporate directors better lead their organizations in the digital age. It provides directors and executives with the knowledge and tools necessary to understand and manage cyber risks. By completing the program, directors and executives will be better equipped to protect their organizations and stakeholders, and to ensure the long-term success of their companies.

The Certification covers a range of topics, including:

  • Cybersecurity governance and risk management
  • Cyber incident response planning
  • Cyber risk assessment
  • Cyber insurance and regulatory compliance
  • Cybersecurity best practices

In addition to the course curriculum, the Cyber Risk and Strategy Certification also offers a great opportunity for directors and executives to network with their peers and to share experiences and best practices. By participating in the program, leaders demonstrate their commitment to professional development and their dedication to the field of cyber risk management. This can then be used in proxy statements ahead of the proposed ruling from the SEC on cybersecurity risk management, strategy, governance, and incident disclosure by public companies, which will require board members to disclose their cyber-related education.

Learn more about the Diligent Institute Cyber Risk & Strategy Certification and enroll here.

About the Author

Kira Ciccarelli

Lead Researcher of Diligent Institute

Kira Ciccarelli is the Lead Researcher at the Diligent Institute. Diligent Institute is the modern governance think tank and research arm of Diligent Corporation, the leading provider in board collaboration software. In her role, Kira works to conduct and provide high-level modern governance research to inform director decision-making and identify best practices. Before joining Diligent, Kira worked in a variety of data-driven research roles, including analyzing global aid funds to the UN Sustainable Development Goals (SDGs) and compiling a meta-analysis of political experimental findings for the Analyst Institute. She holds a BA in Public Policy from the College of William & Mary.