As I was researching information on board expertise level for cyber-security, I found this report dating from 2016, but still so relevant. It shows that 40% of all directors surveyed admit they did not feel responsible for the repercussions of a cyberattack, reflecting a lack of cyber-risks understanding by directors. Moreover, independent director cybersecurity literacy lagged that of other groups of executives, which is not reassuring. Boards in general and independent directors in particular have work to do to meet their cyber-security oversight mandate. How do you feel about the cyber-literacy of your board?

https://corpgov.law.harvard.edu/2016/05/01/grading-global-boards-of-directors-on-cybersecurity/