What Directors Think: Are today’s tools enough for tackling tomorrow’s risks?

This article originally appeared in our February 12th edition of the Diligent Minute Newsletter. For more insights like these, delivered straight to your inbox, subscribe here.

This week I’ve been digging back into What Directors Think, produced with our partners at Corporate Board Member, and the signals on risk oversight are impossible to miss. More than 200 corporate directors shared how they see the year ahead; their views reveal where boards are strengthening oversight and where blind spots still linger.

Key risk trends boards can’t ignore in 2026

From a risk oversight perspective, the story starts in a familiar place: the macro environment. A majority of directors cite a sharp downturn in the U.S. economy as the single biggest risk over the next few years, with “black swan” events and large-scale cyber incidents close behind. Economic conditions and government policy shifts top the broader risk landscape too, even as directors see technological disruption and M\&A as some of their greatest opportunities.

Boards are not standing still. Over the past five years, 84% say they’ve changed their approach to scenario planning, expanding the scope of scenarios they consider, increasing the time devoted to planning and broadening the range of geopolitical, technological and social risks they examine.

Some risk-oversight trends that stood out

• 55% of directors cite a sharp downturn in the U.S. economy as a top organizational risk, and 31% worry most about a black swan event they haven’t yet scenario planned.
• 63% include cyber events or data breaches in crisis exercises, 58% model economic shocks, 51% test for technology-related disruption and 27% now incorporate AI-related risks.
• 47% say more frequent, structured risk discussions at the full-board level would most improve risk oversight, and 32% want a clearer link between risk and strategy.
• 26% point to better use of AI-powered data and technology tools as a key lever to strengthen risk oversight.

Where risk oversight still falls short

• Only 28% of directors view cybersecurity as a top organizational risk, even though cyber incidents are modeled in crisis planning more than any other scenario.
• Just 12% say strengthening cyber and data‑privacy defenses is a priority for 2026.
• AI and technology‑related regulation is expected to demand the most compliance attention this year, yet 41% of directors say it remains the most underestimated area of compliance oversight.

The risk oversight toolkit in transition

Upgrading the board’s risk oversight toolkit

Boards still lean most heavily on management reporting and updates from internal audit or the risk committee, but many say that isn’t enough in a world of always-on risk. They point to AI monitoring tools, better integration of compliance into strategy discussions, and more frequent engagement with external experts as the upgrades they need most.

Digital infrastructure is improving — nearly half of directors now receive real-time or near-real-time operational data between meetings — but many wish board time were more forward-looking, noting that risk and performance data are often used to monitor the present rather than reframe the future.

What emerges is a picture of boards working hard to catch up with the velocity of risk, but still wrestling with misalignment between what they rehearse, what they prioritize and how they equip themselves. Directors in this year’s survey point to the same set of needs: more structured risk discussions, clearer links between risk and strategy, better tools and analytics and ongoing education on emerging threats.

For boards, the mandate is clear

Risk oversight has to become a continuous discipline, not a periodic exercise. That means pairing richer scenarios and better data with more disciplined boardroom processes, so directors can anticipate disruptions, challenge assumptions and guide management through whatever “unimagined” risks come next.

Explore the full findings in What Directors Think 2026.