Current Board Practices and Structures Inadequate to Oversee AI

80% of non-executive directors (NEDs) believe their current board practices and structures are inadequate to oversee AI effectively, according to a survey from Gartner. However, 91% of NEDs view AI as an opportunity for shareholder value rather than a risk.

“Boards are remarkably optimistic about AI’s potential value, even more so than chief executive officers (CEOs), chief information officers (CIOs), and other executives, when compared across Gartner studies,” said Daniel Sanchez Reina, VP Analyst at Gartner. “However, most boards recognize they are not well-equipped to oversee AI because most board members are not digital natives and lack technology backgrounds. Until recently, technology topics rarely took significant time on board agendas. But cyber-risk and AI are changing that, and NEDs are moving quickly to increase their tech-savvy and find new ways to provide oversight.”

Boards also show strong agreement on cyber risk, with 93% seeing it as a threat to shareholder value. Additionally, they express similar concerns about the ability of the board to oversee rapidly evolving cyber-risk threats, with 67% rating current board practices and structures as inadequate to oversee cyber-risk. “NEDs almost universally recognize cyber-risk threats and express concern about current board practices to provide effective oversight. However, the majority of NEDs (58%) express a desire to take more technology risk rather than less,” said Tina Nunno, Distinguished VP Analyst and Gartner Fellow.

NED's interest in AI, cyber risk, and technology more broadly extends to investments. When asked to identify the top five investments that would lead to greater shareholder value in the next two years, AI was the number one choice overall, and in the top five of 63% of respondents. Technology other than AI was in the top 5 of 57% of the respondents, and cyber-risk investments for 39%. “Boards have moved beyond curiosity about AI and are now actively engaging their CEOs and management teams to understand opportunities to use AI to deliver efficiencies and drive new revenue opportunities,” said Nunno.

To address technology-driven opportunities and gaps in current board oversight structures, boards intend to recruit more NEDs and CEOs with technology and cyber-risk expertise. 77% of NEDs said they will need to assign more directors with technology expertise in the next 12 months. Additionally, 72% said they will need to recruit more directors with cyber-risk expertise, while 53% believe that the technology expertise of the next CEO is a significant factor in succession planning.

“NED's willingness to make structural changes to boards, and shift their CEO recruiting profile, indicates that they believe that technology will be a critical driver of shareholder value going forward,” said Nunno. In 2025, NEDs will be looking to CIOs and chief information security officers (CISOs) to help them understand the opportunities and risks for their industries and enterprises. However, they may need to adjust how they communicate with their boards.

“The surveyed NEDs expressed a strong preference for the communications provided by their CEOs and chief financial officers (CFOs), which are often heavily financial in nature and directly link to financial statements,” said Nunno. “Whenever possible, CIOs and CISOs should focus on communicating in terms of financial impacts and risks to increase the impact of their communications.”