Amanda Russo, Public Engagement, arus@weforum.org, +41 79 392 6898
Geneva, Switzerland, 23 March 2021 — Boards of directors need to play a more active role in protecting their organization from cyber risks, according to a new study released today by the World Economic Forum. Cybersecurity failure is a “clear and present danger” and critical global threat, yet responses from board directors has been fragmented, risks not fully understood and collaboration between industries limited.
The Principles for Board Governance of Cyber Risk Report provides a solution to this fragmentation and it is backed by leaders in digital risk and cybersecurity. Created by the World Economic Forum, the National Association of Corporate Directors, the Internet Security Alliance and PwC, the report is the result of a year-long collaboration to find a cohesive, global and cross-border approach to cyber risk.
The expert-led team found there are six principles that apply to a wider audience of boards and management teams. The report shows how directors can increase their understanding of cyber risks and act quickly, incorporating cyber-risk planning into overall company strategy.
“Without a principled foundation for understanding and governing cyber risk at the board level, risk responses have been piecemeal and security gaps have risen,” said Daniel Dobrygowski, Head of Governance and Trust at the World Economic Forum Centre for Cybersecurity. “These principles provide much needed foundations for directors in any industry or geography. Cybersecurity is not just a technology problem; it is an economic and strategy issue crucial for boards to address given the current environment.”
The six principles are
These practices and approaches were further validated by members of the boards of some of the most advanced companies in the world.
“Digital transformation is a business imperative,” said Larry Clinton, President, Internet Security Alliance (ISA). “Organizations can’t compete unless they leverage modern cyber tools. But, the downside of digital transformation is increased cyber risk. Balancing the need to use modern technological tools and while managing cyber risk is one of the most difficult issues a modern board faces. These consensus principles provide the guidance boards need to properly supervise and direct their management teams.”
“Boards have made gains in the last few years by recognizing cyber as an enterprise risk, but the challenges posed by rapidly changing cybersecurity threats require every company and every board to ensure cybersecurity programs are resilient,” said Peter R. Gleason, Chief Executive Officer, National Association of Corporate Directors (NACD). “This new resource, drawing on NACD and ISA guidance, offers corporate directors across the globe an effective blueprint to advance their cyber-risk oversight.”
Global Technology Governance Summit 6-7 April
Media accreditation for the inaugural summit is now open. The meeting will take place on 6-7 April, with the Government of Japan's support. More than 500 leaders from business, government, civil society and media will participate. Frontier technology, the impact of tech policy, and industry transformation are just some of the topics covered. Media can sign up and receive embargoed content.
Note to Editors
Read the Report
How to Follow our Global Technology Summit
Explore the Forum’s Strategic Intelligence Platform and Cyber Transformation Map
Learn about the Forum’s impact
Check out Forum videos | photos
Facebook | Twitter | Instagram | LinkedIn | TikTok | Weibo | Podcasts
Read the Forum Agenda (also in French | Spanish | Mandarin | Japanese)
Subscribe to News releases and Podcasts
The World Economic Forum, committed to improving the state of the world, is the International Organization for Public-Private Cooperation.
The Forum engages the foremost political, business and other leaders of society to shape global, regional and industry agendas. (www.weforum.org).