AIG, NACD, And ISA Issue Cyber-Risk Oversight Guidance For Corporate Directors

Thursday, June 26, 2014 - 15:09

Designed to provide corporate directors with expert guidelines to improve their cybersecurity oversight, American International Group (AIG), the National Association of Corporate Directors (NACD), and the Internet Security Alliance (ISA) today announced the release of the latest issue in NACD’s Director’s Handbook Series, Cyber-Risk Oversight.

Access this new resource at

“Ninety percent of directors participating in our latest governance survey indicated they would like to improve their understanding of cybersecurity risk,” said Ken Daly, NACD president and CEO. “This handbook provides boards with practical tools to do just that, including self-assessment questions for directors, sample board report dashboards, and guidelines for conversations with management.”

This unique publication is organized around five key principles and covers a wide spectrum of board-level considerations related to oversight of cybersecurity, including board composition, liability implications, disclosure issues, access to expertise, and risk appetite calibration.

“Recent breaches in both the public and private sectors have put the issue of cybersecurity on every board’s agenda,” said Larry Clinton, president and CEO of ISA. “This handbook is a natural extension of ISA’s mission to create private sector standards and practices that integrate both the technological and economic aspects of cybersecurity.”

Boards should adapt the recommendations set forth in the handbook based on their company’s unique characteristics, including size, life-cycle stage, business strategy, industry sector, geographic footprint, and culture.