Leadership Resilient organizations demonstrate strong board engagement in cybersecurity. Some 99% of respondents from highly resilient organizations report board involvement in this area. Among these, 52% indicate that board members receive regular cybersecurity updates, 48% report that board members are actively engaged with the cybersecurity function, and 45% state that their board has a clearly defined role in overseeing cybersecurity. The World Economic Forum Centre for Cybersecurity’s latest white paper, Elevating Cybersecurity: Ensuring Strategic and Sustainable Impact for CISOs,33 explains that in order to strengthen resilience in an era of systemic cyber risk, organizations must empower CISOs and senior leaders to translate cybersecurity priorities into strategic business action. Governance, risk and compliance When viewing governance, risk and compliance from a regulatory perspective, survey data shows that those organizations reporting high levels of resilience tend to express more favourable views on the effectiveness of regulations. Some 44% of highly resilient organizations underscore that regulations help them increase customer trust and brand reputation, compared to 20% of those that classify themselves as being insufficiently resilient. Conversely, insufficiently resilient organizations are more likely to report limited resources to track and implement changes to regulations (34%). 0%10%20% 1% High resilience (%)8% Medium resilience (%)13% Insufﬁcient resilience (%) Board is not engaged in cybersecurityBoard engagement gaps, across organizational resilience levels FIGURE 32 40 Global Cybersecurity Outlook 2026