Cybersecurity is, as it should be in this era of AI-driven cyberattacks, a regular item on enterprise board agendas. However, the ways in which CISOs and boards interact, and the depth of those discussions, remain brief and superficial. According to a new report from IANS, Artico Search, and The CAP Group, CISO-board interactions remain short (typically 30 minutes per quarter), lack depth around threats, particularly those posed by AI and other emerging technologies, and are more about “listening” than active participation. “The industry is still maturing, and ‘good’ is a moving target,” said Nick Kakolowski, senior director for CISO research at IANS. “CISOs and boards are still developing a...