Cyber regulations and data protection: What volunteer boards need to know

Mission-driven organizations hold highly sensitive financial and personal data, making them prime targets for cyberattacks and increasingly subject to complex global regulations. As governments tighten rules around breach notification, accountability and AI governance, boards and leadership — including volunteer trustees — must quickly level-up oversight, resilience and compliance literacy. The guide outlines recent regulatory changes by region and offers practical steps to strengthen governance, reduce risk and prepare for emerging mandates.