Cybersecurity, Audit and the Board

Diligent Institute and Bitsight analyzed 4149 companies on mid to large cap indices around the world to understand their board oversight of cyber risk.

Key findings

As cybersecurity emerges as one of the biggest risks in today’s business landscape, how are boards overseeing it?


Companies with advanced cybersecurity ratings create nearly 4X shareholder value


Only 5% of companies have cybersecurity experts on their boards


of companies with advanced security performance come from the financial sector

Risk & Strategy

About this report

Our analysis consists of publicly traded large to mid cap indices across Australia, Canada, France, Germany, Japan, the United Kingdom and the United States. Leveraging board data sourced from Diligent Market Intelligence in late November 2023, we examined the board structures and directors skillset backgrounds of these companies. The data was then correlated with security rating data obtained from Bitsight between December 2023 and February 2024.

Cybersecurity, Audit and the Board report cover

Do board oversight structures influence security ratings?

Companies with specialized risk committees and audit committees have relatively higher security ratings compared to those without.


Are there enough cyber experts on boards?

Only 5% of the companies studied have cyber experts on their boards.

What can boards learn from this report?

Having a cyber expert on your board may not be enough. However, integrating the individual into existing structures such as committee tasked with cyber oversight could impact security ratings.


Featured content

[rt_reading_time postfix=”minute read” postfix_singular=”minute read”]


State of Cyber Awareness in the Boardroom

NightDragon, Diligent and our coalition of industry leaders analyzed the leadership

Learn more

[rt_reading_time postfix=”minute read” postfix_singular=”minute read”]


AI Ethics & Board Oversight Certification

Learn how to govern AI ethics responsibly in Diligent Institute’s AI Ethics & Board

Learn more

[rt_reading_time postfix=”minute read” postfix_singular=”minute read”]


Cyber Risk & Strategy Certification

Get certified to oversee cyber risk & strategy with Diligent Institute, the leading

Learn more

Contacting Diligent Institute

Want to learn more?

Subscribe to Diligent Institute to hear more about our research, education programs and events. Contact us to answer any questions you have!

women meeting