NACD, Ridge Global, and the Software Engineering Institute at Carnegie Mellon University Announce Cyber-Risk Oversight Program for Corporate Directors

Friday, September 23, 2016 - 15:04

WASHINGTON, DC (Sept. 14, 2016) – With the critical issue of cyber-risk oversight at the top of every board’s agenda, the National Association of Corporate Directors (NACD), Ridge Global, and the CERT Division of the Software Engineering Institute at Carnegie Mellon University today announced the development of the first-ever NACD Cyber-Risk Oversight Program for corporate directors, which confers the CERT Certificate in Cybersecurity Oversight. 

The program brings together the professional-development capabilities of NACD, the standard setter for responsible board leadership; Ridge Global’s experience supporting C-suite executives and board leaders; and the deep cyber-technical expertise of the world-renowned SEI CERT Division to deliver a cyber education and resource program that addresses the specific cyber-risk oversight responsibilities of board members and executives.

“While NACD’s latest governance survey found that only 14 percent of respondents believe their boards have a high level of understanding of the risks associated with cybersecurity,” said NACD’s CEO Ken Daly, “our director members across the country have demonstrated a strong interest in enhancing their cyber-risk oversight capabilities.”

The NACD Cyber-Risk Oversight Program will include the CERT Certificate in Cybersecurity Oversight, along with multiple NACD resources on cyber-risk oversight such as NACD’s Director’s Handbook on Cyber-Risk Oversight, the first private-sector resource to be featured on the Department of Homeland Security’s C3Voluntary Program website.

“The SEI’s CERT Division has long advocated that authority for enterprise security should be held at the governance level of organizations—in boards of directors and senior executives,” said Robert F. Behler, deputy director and COO of the SEI. “The NACD Cyber-Risk Oversight Program will help senior leaders understand, achieve, and sustain an organization’s position on cyber risk.”

The program will be delivered completely online, allowing busy corporate directors and executives to complete the certificate from any location and at their own pace. The robust, multi-module certificate program will improve corporate directors’ understanding of cybersecurity risks, detail the respective responsibilities of the board and C-suite executives in cyber-risk oversight, and engage participants in a cyber-crisis simulation. The course will culminate in a comprehensive exam. Upon successful completion of the exam, participants will earn the CERT Certificate in Cybersecurity Oversight. 

“Cyber threats have added another complex layer for corporate directors as they help to manage 21st century business risk,” said Gov. Tom Ridge, the first U.S. Secretary of Homeland Security and CEO of Ridge Global. “Ridge Global is pleased to partner with NACD and the SEI on this innovative program to help board members and executives strengthen their ability to work with both IT and enterprise leaders to more effectively evaluate and reduce digital risk.”

The NACD Cyber-Risk Oversight Program is expected to be available in late 2016.

Visit www.NACDonline.org/CyberCertificate to request additional information about the NACD Cyber-Risk Oversight Program for corporate directors.