In the last few years, companies both in the United States and abroad have witnessed the steady growth of cyber attacks and corporate espionage. The reputational harm and massive costs from data breaches are putting more pressure on board members to up their game on overseeing cyber-risks.

To get a better grasp on how U.S. boards are handling cyber security roles and responsibilities, NYSE Governance Services, Corporate Board Member and RSA, in association with EY, surveyed more than 200 audit committee members this spring on a variety of issues regarding their cyber risk oversight program. This paper will outline the top-line issues surrounding cyber risk oversight and highlight the findings of our study on directors’ opinions related to their role in cyber risk oversight.