Every year, more news outlets report cybersecurity?breaches--and higher education is not immune from these sinister trends. Cyberattacks on colleges, universities, and foundations have become more frequent, more sophisticated, and more dangerous. Successful cyberattacks can compromise an institution's reputation, result in substantial financial payouts, undermine its credit status, and foment legal challenges--to say nothing of impeding an institution's fundamental capacities for teaching, learning, and research. Given the seriousness of these potential harms, governing boards must recognize that cyber risks are enterprise-level risks, not simply an IT issue. AGB?believes strongly that?ensuring?cybersecurity?in?colleges and universities?requires a?strong, concerted,?enterprise-wide risk management strategy?at each institution. Governing boards need to continuously assess their effectiveness to address cyber risks, both in terms of their own fiduciary responsibility as well as board oversight of the administration's activities. To that end, this handbook frames five principles that governing boards need to understand in order to adequately and successfully oversee their institution's cybersecurity. "Cyber Risk Oversight for Higher Education Boards" explores these five principles and includes a toolkit to facilitate robust board conversations and strategic decisions about managing cyber risk. This resource, the first of its kind for higher education, builds on a highly respected manual developed by the Internet Security Alliance (ISA) for corporate directors. It reflects the unique needs of higher education, informed by insights from board members and higher education cyber risk professionals. With special thanks to ISA and AIG. [The book was also developed in partnership by the Internet Security Alliance (ISA).]