Cybersecurity risk remains a top priority, making it essential for supervisory boards, audit, and risk committees to engage with IT and cybersecurity leaders on governance, system resilience, regulatory compliance, and risk management. Key discussions should include compliance with the Cybersecurity Law and DORA, critical system upgrades, incident analysis, third-party IT service provider oversight, and cybersecurity KPIs such as phishing resilience and system uptime. Additionally, organizations should align IT security goals with strategic objectives, assess AI-related risks and controls, and reinforce a strong cybersecurity culture through training and oversight.
