The project
Over a period of nine months, a team of three professionals undertook a comprehensive effort to gather valuable data, insights, and real-world examples of Cybersecurity Board Reporting. The objective was clear: to strengthen reporting practices and enable more meaningful, informed dialogue between Boards and executive teams. Ultimately, this work is intended to support Board members in fulfilling their duty of care with greater confidence and clarity in the face of evolving cyber risk.
The team engaged with senior directors from 67 major organizations across Australia, Belgium and Switzerland. Their perspectives have shaped the content of this report and brought to light a range of governance practices that influence how cybersecurity is discussed at Board level. The purpose for including different countries was to ensure our work was internationally relevant, not to compare different countries.
This report includes observations, challenges, and emerging good practices related to Cybersecurity Board Governance, along with a proposed Cybersecurity Board Reporting Framework. The framework is intended to enhance communication between Boards and management, ensuring that cybersecurity is positioned as a strategic risk to the business.
The intended audience includes Board members, executives, and security professionals—stakeholders who share a common interest in aligning governance, risk, and operational insight on this complex issue.
Average market Cap Approaching 20 Bn
Engaged with Board Members
The Project timeline
06/2024
Project start
09/2024 - 01/2025
Interviews
02/2025 - 03/2025
Analysis and Reporting
04/2025
Publishing
Participating organisations
Were listed
Sanitized recent Cybersecurity Board Reports
Become a fellow
Join a growing network of leading organisations contributing to a large-scale study on cybersecurity. As a Fellow, your company will help shape industry insights, benchmark best practices, and drive forward the future of digital security.
The Project Partners
We also acknowledge the valuable collaboration with the International Centre for Corporate Governance in St. Gallen, Switzerland and the National Centre for Cybersecurity Belgium (CCB), whose support and expertise contributed significantly to the success of this international practice-led initiative. We would like to extend heartfelt thanks to all Directors who have so graciously given us their time and insights that made this report possible.
