AIG, NACD, and ISA Issue Cyber-Risk Oversight Guidance for Corporate Directors
Provides Practical Advice for Boards to Enhance Their Oversight of Cyber Risk
WASHINGTON, June 11, 2014 (GLOBE NEWSWIRE) -- Designed to provide corporate
directors with expert guidelines to improve their cybersecurity oversight,
American International Group (AIG), the National Association of Corporate
Directors (NACD), and the Internet Security Alliance (ISA) today announced the
release of the latest issue in NACD's Director's Handbook Series, Cyber-Risk
Access this new resource at www.NACDonline.org/Cyber.
"Ninety percent of directors participating in our latest governance survey
indicated they would like to improve their understanding of cybersecurity
risk," said Ken Daly, NACD president and CEO. "This handbook provides boards
with practical tools to do just that, including self-assessment questions for
directors, sample board report dashboards, and guidelines for conversations
This unique publication is organized around five key principles and covers a
wide spectrum of board-level considerations related to oversight of
cybersecurity, including board composition, liability implications, disclosure
issues, access to expertise, and risk appetite calibration.
"Recent breaches in both the public and private sectors have put the issue of
cybersecurity on every board's agenda," said Larry Clinton, president and CEO
of ISA. "This handbook is a natural extension of ISA's mission to create
private sector standards and practices that integrate both the technological
and economic aspects of cybersecurity."
Boards should adapt the recommendations set forth in the handbook based on
their company's unique characteristics, including size, life-cycle stage,
business strategy, industry sector, geographic footprint, and culture.
"The complexity of cyber threats has grown dramatically over the past decade.
As the intricacy of attacks increases, so does the risk they pose to
corporations," said Mark Camillo, head of cyber products for the Americas
Region for AIG. "Conscientious and comprehensive oversight at the board level
NACD's new Cyber-Risk Oversight guide is available at
American International Group Inc. (AIG) is a leading international insurance
organization serving customers in more than 130 countries. AIG companies serve
commercial, institutional, and individual customers through one of the most
extensive worldwide property-casualty networks of any insurer. In addition,
AIG companies are leading providers of life insurance and retirement services
in the United States. AIG common stock is listed on the New York Stock
Exchange and the Tokyo Stock Exchange. Additional information about AIG can be
found at www.aig.com | YouTube: www.youtube.com/aig | Twitter: @AIG_LatestNews
| LinkedIn: http://www.linkedin.com/company/aig.
The National Association of Corporate Directors (NACD) is the recognized
authority focused on advancing exemplary board leadership and establishing
leading boardroom practices. Informed by more than 35 years of experience,
NACD delivers insights and resources that more than 14,000 corporate director
members rely upon to make sound strategic decisions and confidently confront
complex business challenges. NACD provides world-class director education
programs, national peer-exchange forums, and proprietary research to promote
director professionalism, ultimately enhancing the economic sustainability of
the enterprise and bolstering stakeholder confidence. Fostering collaboration
among directors, investors, and governance stakeholders, NACD is shaping the
future of board leadership. To learn more about NACD, visit
www.NACDonline.org. To become an NACD member, contact Kelly Dodd at
kkdodd@NACDonline.org or 202-380-1891.
The Internet Security Alliance (ISA) is a multi-sector trade association that
sees cybersecurity not as an IT issue, but as an enterprise-wide risk
management issue. ISA's mission is to combine technology with economics and
public policy to create a sustainable system of cybersecurity. ISA is focused
on three main goals, thought leadership, public advocacy, and creating
standards and practices that effectively promote cybersecurity. In 2008, ISA
published its cybersecurity social contract which argued that traditional
government regulation would be ineffective and counter-productive against the
growing cyber threat. Instead, ISA proposed that government work with industry
to identify effective standards and practices and motivate voluntary adoption
of these standards and practices by deploying market incentives. In 2011, the
ISA "social contract" was embraced by the House GOP task force on
cybersecurity and in 2013 the ISA approach was adopted in President Obama's
executive order on cybersecurity.
CONTACT: Media Contact:
Henry Stoever, Chief Marketing Officer, NACD
Matt Gallagher, AIG Media Relations
Press spacebar to pause and continue. Press esc to stop.