Boards and Cyber Resilience - AISA/AICD Research Survey Findings


Study reveals more needs to be done to improve cyber security reliance

A new study by the Australian Institute of Company Directors (AICD), in partnership with the Australian Information Security Association (AISA), reveals that while most Australian directors see cyber security as a high priority issue, there is still a lack of formal oversight at a board level.

More than 850 directors were surveyed for the Boards and Cyber Resilience study, investigating board preparedness for cyber security incidents and benchmarking current practice to guide further education initiatives for directors. The survey found that 72 per cent of respondents say cyber security is a ‘high priority’ issue for their board. Recent Director Sentiment Index surveys mirrored this finding with cyber security having moved up to the top-ranking issue keeping directors ‘awake at night’.

Other results that indicate there is still room for improvement in board oversight, include:

  • Around 39 per cent of directors say they have made cybersecurity a specific focus of a board committee
  • 36 per cent of directors say they receive regular reporting on internal training and testing; and
  • Just 21 per cent of directors receive reporting on the cyber performance of key third-party suppliers
  • Only 44 per cent of directors indicate receiving training in cyber risk, and even fewer (23 per cent) have appointed directors with cyber skills

Read the Report - Boards and Cyber Resilience HERE