91% of security professionals assert that boards, not CISOs, hold ultimate accountability for cybersecurity breaches. A recent survey indicates 56% believe board members should face sanctions for serious incidents, highlighting a shift in responsibility as cybersecurity increasingly enters C-suite discussions. Regulations like NIS2 and DORA suggest senior managers could be held liable, but accountability remains vague. For effective governance, boards require complete risk information from security professionals to make informed decisions. https://www.tripwire.com/state-of-security/breaches-boards-cant-hide-behind-cisos
