Insight & Analysis

Board association introduces cyber/AI analysis service

Published: Aug 2025

NACD, in partnership with cyber governance company X-Analytics, has launched a subscription service that offers company directors a customised quarterly review of their vulnerabilities to online attacks and AI usage, including financial analysis of the company’s investments in security measures intended to mitigate the risks.

Person using AI to help analyse performance with charts and graphs

The National Association of Corporate Directors (NACD) has entered a partnership with a cyber risk-management firm to provide members with a customised report analysing their companies’ investments in online security and response to threats posed by artificial intelligence.

X-Analytics now offers a quarterly subscription service that focuses not only on the efficacy of a company’s security measures but also the predicted return on the financial investment. The offering is the result of a collaboration with NACD’s Board Advisory Services.

“We’ve heard loud and clear from a lot of treasurers: Cyber seems like a black hole,” Kevin Richards, X-Analytics’ President of Cyber Risk Solutions, told Treasury Today in an interview. “Cyber is on the agenda of every board meeting in some shape or form,” begging the question “Am I investing the right amount?”

Most treasurers are accustomed to receiving briefings from IT staff on the threats and their recommended security products and procedures to thwart expensive incursions from ransomware, data thieves, business interruption and rogue AI models. The new quarterly reports take the preventative measures a step further, predicting emergency scenarios and quantifying a company’s particular vulnerabilities and governance needs.

“Our Board Insights reports give treasurers a clear, actionable view of cyber and AI risk as financial exposures – not just technical issues,” Richards explained. “These risks can disrupt liquidity, alter investment returns, and shift capital priorities in an instant. Each quarterly report transforms complex threat intelligence into financially contextualised, benchmarked insights – ready for immediate use for treasurers, F-suite, C-suite and the boardroom.”

The subscription offers “an executive briefing facilitated by a NACD Board Advisory Services faculty member to review the report” and ask questions.

“We consistently hear from directors that understanding cyber and AI risk in a governance context is critical,” Peter Gleason, President and CEO of NACD, said in a statement announcing the service last month. “We are equipping boards with high-impact insights that drive informed decision-making and strengthen governance as cybersecurity and AI risks accelerate.”

A model report, reviewed by Treasury Today, includes sections outlining cyber exposure and perceived exposure by category, with a review of real incidents, especially in the subscriber’s particular industry. Data is presented on a company’s cyber expense ratio expressed as a percentage of revenue and the potential payoff in preventing financially catastrophic incidents.

A section on AI risk governance summarises adverse impacts and urges the subscriber to assess material risk across business units. While AI may aid in fraud detection, customer personalisation and other automation, it can also introduce problems involving data privacy and “adversarial manipulation.” A cyber-attack intertwined with AI may amplify the impacts and cost. AI risk governance is “still immature” and requires scenario planning, the model report states.

“For corporate treasurers, this matters because cyber risk is not static. It’s a dynamic, temporal risk tied closely to business activity,” Richards said. “Just like legal risk, it threads through nearly every business investment. When a treasurer considers capital allocation and expected returns, cyber impact – whether from new opportunities, operational changes or emerging threats – can directly affect the financial performance of that capital.”

Las Vegas-based X-Analytics includes recommended education needs in its customised checklists. The treasurer’s objective should be “becoming fluent in how AI risk has the ability to translate into financial and strategic impacts,” Richards suggested.

“AI-related threats are evolving quickly,” Richards warned. “For example, six months ago, the focus for many customers was on the technical manipulation of AI (prompt injection attacks and AI model poisoning); now, we’re seeing increasing activity around deepfake-enabled fraud, synthetic identity scams, and automated business email compromise.”

Hence a need for “urgent” education, he said.

“For the corporate treasurer personally, training should focus on understanding the business side of AI-driven risk, preferably in financial terms,” he urged. That should include “how emerging AI threats could alter an organisation’s exposure, affect liquidity, or shift capital allocation priorities.”

All our content is free, just register below

Already have an account? Sign In

Already a member? Sign In

Read more insights

Short Reads - 6 days ago
Delivering supply chain finance
Short Reads - 6 days ago
Late payments in Asia pose operational and strategic threat
Short Reads - 13 days ago
Lifting the bonnet on car financing
Short Reads - 13 days ago
Quick fire with Séverine Le Blévennec, Global Head of Treasury, Aliaxis
Short Reads - 13 days ago
Bitcoin adopted on more balance sheets
This website uses cookies and asks for your personal data to enhance your browsing experience. We are committed to protecting your privacy and ensuring your data is handled in compliance with the General Data Protection Regulation (GDPR).
Ok, I agree Privacy Policy