Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short

CISOs (chief information security officers, the executives responsible for an organization's cybersecurity) and corporate boards spend only about 30 minutes per quarter discussing cyber risk, and these conversations lack depth and strategic engagement. The report found that while 95% of CISOs report to their boards regularly, most discussions are brief check-ins rather than collaborative problem-solving, and boards want better insight into emerging threats like AI-driven attacks (attacks powered by artificial intelligence).