Board resilience is particularly important in today’s volatile, transparent, and risk-filled business environment. What leadership doesn’t know — or fails to act upon — can hurt tremendously. Take, for example, the willful violation of emission standards that resulted in more than 30 lawsuits, a 40 percent drop in stock value, and the removal of the CEO at Volkswagen. Or consider how five public pension funds have joined a lawsuit against officers and directors of Wynn Resorts Ltd.¹ The allegation: board members were aware of former CEO Steve Wynn’s ongoing sexual misconduct — including harassment, abuse, and assault of employees — but failed to take action.

CEOs, chief risk officers, board members, and others are being sued, shamed, and removed from their positions for what’s happened under their watch. With boards tasked to take ownership of a growing roster of risks, directors have been tasked to up their risk management skills, sooner rather than later.

Rising to the fore are cyber threats, which have exploded since 2017. Cyber attacks have grown increasingly sophisticated, as have the regulations enacted in response to these new threats. For example, the EU General Data Protection Regulations (GDPR) enacted in May 2018 to unify regulation in the EU around data privacy had significant security and compliance implications for companies around the world.² Violations could potentially cost a company as much as 4 percent ...