Regulators have come to expect that companies' senior management and board of directors must play an active role in cybersecurity risk management. New and proposed laws, such as the SEC's cyber incident disclosure and risk management rule, the FTC's Safeguards Rule, and proposed cyber audit regulations from California, and recent enforcement activity, such as the SEC's case against SolarWinds and its CISO, are reinforcing this expectation. In this session, we will discuss strategies for effectively engaging your senior leadership on cyber risk management, including ways to keep your leadership adequately informed of cyber risks and aligned with your risk management strategies.