“Cybersecurity is an enterprise risk issue that should ultimately rise to the level of the board of directors,” Ivan Fong, senior vice president, legal affairs and general counsel of 3M Company, advised. Understanding the role of the board, and counsel’s role working with the board, is integral for managing cybersecurity risk effectively. Part one of this two-part article series examines the increased role of directors in ensuring companies are appropriately protected against cyber threats and how management, including in-house counsel, should communicate with the board and keep it updated and informed. Part two will address the litigation risks faced by the board and individual directors and how to limit that liability, including details about the role directors should play to satisfy their fiduciary duties. See also “Protecting the Crown Jewels Using People, Processes and Technology” (Sep. 30, 2015).