The NACD and Internet Security Alliance released the fourth edition of their “Directors Handbook on Cyber-Risk Oversight.” Relevant for all organizations of all types and sizes, the handbook articulates core principles and associated guidance for the board’s cybersecurity oversight (including, e.g., guidance on documenting board oversight activities in the meeting minutes), accompanied by a robust toolkit consisting of questions for the board to ask management across a range of relevant topics (such as ransomware, insider threats, supply chain risks); a form of board cybersecurity oversight self-assessment, board-level cybersecurity metrics; M&A considerations; and much more.