Increased regulation and litigation coupled with the growing threat of hackers disrupting a company have led boards of directors to become more involved in their companies’ cyberincident response plans.

“Compliance and new regulations, whether it’s a cross-sector of regulation like GDPR [General Data Protection Regulation] or a sector-specific regulator, these are certainly things that are driving the board to pay closer attention,” said Michael Mahoney, a partner at Tapestry Networks and the Cyber Risk Director Network lead.