Handbook on cyber-risk management help Boards of Directors in Europe secure business resilience

April 16, 2020

Brussels, Belgium – Today, the Internet Security Alliance (ISA) and the European Confederation of Directors’ Associations (ecoDa) released a handbook on cyber-risk management for corporate boards of directors in Europe.

“A cyberattack is not what a Board of Directors wants to face in the midst of the Corona crisis. Our handbook will help prevent such a scenario”, said Béatrice Richez-Baum, Director General at ecoDa.

“The COVID-19 virus is a catalyst for expanded digital transformation. We are already seeing substantial adaptation by organizations who are being forced to operate in an increasingly on-line fashion,” said ISA President Larry Clinton. “As enterprises move ever more quickly to adopt online mechanisms, it is easy to forget that these needed innovations also can create increased cyber risk. This handbook provides a roadmap for organization’s leaders to follow and increase the resiliency of their systems in this new environment.”

The new handbook, is co-branded by ISA, AIG and ecoDa, will be based on the Cyber Risk Handbooks ISA has previously developed for the US National Association of Corporate Directors.

“The increased risks of cyber-attacks are a reality that companies have to cope with. Business resilience depends on the capacity of board members to embed cybersecurity in all aspects of their strategy.”, said Béatrice Richez-Baum.

The process to develop the version of the Cyber Risk Handbook for Europe included multiple workshops and webinars with European corporate directors which led to making several adaptations to the unique cultural, legal, and business differences in Europe.

“The prescriptions found in these handbooks have been tested in global surveys and found to significantly improve cybersecurity budgeting and enhance cyber risk management by better connecting business goals with cyber security and creating a culture of security,” said ISA President Larry Clinton. “Working with the ecoDa community and AIG has enabled us to adapt the principles and toolkit in these handbooks to the unique European cultures and perspectives. While this handbook is uniquely European, it is also consistent with the global trend toward understanding cybersecurity as more than just an IT issue but as an enterprise-wide risk management issue,” said Clinton.

The handbook is built around five core principles enlightened by a practical toolkit. The substance is summarised in a short and straight-forward version that helps the reader to navigate among the essential elements.

The U.S. handbooks have been endorsed by the U.S. Department of Homeland Security and Department of Justice and the German edition was a co-production with the German government’s Federal Office for Information Security, known as BSI. Last year, the Organization of American States and the ISA produced a similar handbook for Latin America.

ecoDa is the leading authority on board governance in Europe—representing 55,000 European board directors through its member organizations. ecoDa’s member organizations represent board directors – including large listed companies as well as small firms – from across Europe. ecoDa’s mission is to promote the role of directors and governance, to influence European decision-making, and to provide services to its member organizations. ecoDa also works to facilitate the creation and development of national director institutes.



Béatrice Richez-Baum, Director General, ecoDa

contact@ecoda.org, Tel: 003222315811

ISA is a multi-sector trade association with the mission of integrating advanced technology with economics and public policy to help create a sustainable system of cyber security. ISA works collaboratively with both private sector partners like NACD, ecoDa and the Center for Audit Quality as well as governments internationally on three goals – thought leadership, developing effective public policy and promoting the use of effective cyber security standards and practices.


Josh Higgins, Senior Director of Policy and Communications, Internet Security Alliance

jhiggins@isalliance.org, Tel: +1 (202) 763-4562