Why Your Board Is Still Not Ready For Cyber Risk—And What Actually Needs To Change
✨ AI Summary
🔊 جاري الاستماع
InnovationWhy Your Board Is Still Not Ready For Cyber Risk—And What Actually Needs To ChangeByChris Dimitriadis,Forbes Councils Member.for Forbes Technology CouncilCOUNCIL POSTExpertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. | Membership (fee-based)Jun 02, 2026, 07:30am EDTInsights from Chris Dimitriadis, Chief Global Strategy Officer, ISACA. gettyCybersecurity is no longer a novel concept in the boardroom. There have been enough years’ worth of headlines detailing cybersecurity breaches—and the resulting financial and reputational damage—to elevate cyber risk as a board-level issue. However, significant gaps remain in enterprises’ preparedness. For the fifth year in a row, cyber incidents ranked as the top global risk, according to the Allianz Commercial Risk Barometer. A disconnect exists between how prepared boards think their organizations are when it comes to cyber risk and the reality.Why Boards Struggle To Prioritize Cybersecurity InvestmentMuch of this can be attributed to organizations struggling to clearly establish their return on investment from cybersecurity. Board directors are unlikely to push their leadership to make substantial investments in mitigating cyber risk without understanding how those investments materially influence the organization’s financial health. For many organizations, this is tricky because of the variable nature of cyber risks and the hard-to-quantify aspect of factors such as reputational damage and loss of customer trust. Further complicating matters, many organizations lack sufficient internal expertise to authoritatively understand their cyber risk preparedness and existing gaps. Security and risk leadership need to be mindful of these potential hurdles and proactively educate board directors about the multifaceted benefits of cyber risk. Measuring Cybersecurity ROI More EffectivelyTo support these efforts, organizations should explore methodologies that provide t...
