Enabling directors to govern cyber risk and build resilience

For directors from a single organisation

Duration: 3 days over 6 months

Time commitment: Short programme

Locations: Onsite with the organisation


The programme will help your board of directors navigate cybersecurity landscapes and improve your cyber risk governance.

Delivered in partnership between Oxford Saïd and ISTARI. The programme leverages the CEO Report on Cyber Resilience; a first-of-its-kind study about cyber risk leadership.


Cybersecurity governance expectations are rising

Securities and Exchange Commission (SEC) in the US now requires companies to describe the processes by which the board is informed of cyber risks. But technology and cybersecurity are often gaps in the skills matrix of boards and 98.2% of Standard & Poor's (S&P) board directors do not have expertise with cybersecurity, according to research from The Wall Street Journal.

Lighthouse embraces the responsibility to protect organisations in an increasingly digital world. The unique blend of academic rigour from Oxford, and ISTARI’s industry insights will shift cyber risk from a daunting challenge to routine aspect of governance.


Demystifying cyber risk

The programme will equip board directors with the knowledge, insights, and practical guidance to become stewards in governing cyber risk and creating cyber resilience. Our approach will demystify cyber risk by putting it in the context of business risk and risk appetite.

We provide an independent evaluation of the board’s cybersecurity governance processes and offer bespoke recommendations and best practices to improve cyber risk governance.

You will also hear from a senior business executive who will share their experience with a serious cyberattack, including mistakes, lessons learned and insights for others.

Join us in building a more resilient future together.

A custom enablement programme

Part 1 - Governance Assessment

We conduct 60-minute, structured interviews with each member of the board, the CEO and CISO. We focus on the board’s experience with cybersecurity, the cybersecurity charter and programme from a governance perspective and cyber risk governance and committee structures.


Part 2 - Board Briefing

We will lead a discussion of the key findings from our governance analysis. We will also share best practices and the principles of good cyber risk oversight.

You will also hear from a senior business executive who will tell the story of a serious cyberattack.


Part 3 - Debrief

The board will receive a key findings report based on the interview findings and discussion during the board meeting.

We offer debrief conversations with each board member and follow-up check-ins after 6 months. The board continues to have access to a cyber advisor from ISTARI’s network of 3500+ professionals. To satisfy any regulatory requirements, we provide an optional certificate of completion from Saïd Business School, Oxford University.


Icon 3
Icon 2
Icon 1

Interested in a custom programme?