Diligent launches cyber risk tool for board oversight

Diligent has launched Diligent Cyber Risk Management, a product that links cyber risk to business priorities.

The software is due to become available in summer 2026 and is aimed at organisations seeking to assess cyber risk against strategic goals, core operations and board oversight. It is designed to reduce the manual work involved in cyber risk reviews and help security teams focus on the issues with the greatest business impact.

The launch adds a cyber-focused product to Diligent's wider governance, risk and compliance offering. It also reflects growing demand from boards and senior management for reporting that shows not just technical weaknesses, but the business consequences of cyber threats.

The system uses AI to bring together threat, vulnerability, asset and control data in one place. It then generates risk scenarios, scores and recommendations to help organisations decide which issues need attention first.

Another part of the product assigns risk scores at asset level, focusing on where critical business processes face the greatest exposure. That approach can guide patching, spending and remediation decisions.

A separate workspace is intended to centralise remediation and IT compliance activity. The software can assign owners, track treatment plans, map controls across frameworks and automate testing.

Board reporting is another central part of the launch. The product includes dashboards that update automatically and connect cyber threats with strategic objectives and critical processes, with the aim of giving directors and executives a clearer view of cyber posture.

The product will sit within the Diligent One platform, which brings together enterprise risk, audit and cyber oversight. Diligent says this unified approach is intended to reduce conflicting accounts of risk across different functions and create a single view for senior management and boards.

One user in local government pointed to the challenge of making sense of fragmented information. "Municipal security teams don't have the luxury of piecing together risk from scattered scans and spreadsheets. We need up-to-date insight into how cybersecurity can best protect the services our community depends on," said Dave Schultz, Risk Manager, Risk and Controls, City of Lethbridge.

Schultz added: "An agentic solution that accelerates assessments and clearly connects threats and vulnerabilities to strategic priorities would be transformative in helping us make credible recommendations to leadership."

Board focus

The launch comes as cyber risk reporting has moved beyond technical teams to become a regular board issue. Directors are under pressure to understand operational exposure, regulatory obligations and the potential effect of cyber incidents on revenue, services and reputation.

That shift has created demand for tools that can translate technical findings into business terms. Vendors in governance, risk and compliance software have increasingly sought to tie cybersecurity data to broader operational and financial risk rather than treat it as a separate discipline.

Diligent is positioning the product in that space by emphasising links between cyber events and strategic decision-making. Many security teams have access to large volumes of threat and control data but still struggle to present a concise explanation of what is at stake for the business.

Scott Bridgen outlined that view when discussing the release. "Most security teams are drowning in vulnerability scans, threat feeds and control data, yet lacking the one thing the board keeps asking for: a clear picture of what is truly at risk for the business," said Scott Bridgen, General Manager, Risk & Audit at Diligent.

He added: "Diligent Cyber Risk Management turns static risk registers and checkbox compliance into an AI-powered system of action, helping organizations prioritize the security decisions that matter and clarify the impact of AI, IT and cyber risk to management and the board."

Diligent says the new product builds on a broader set of AI-based tools across its governance, risk and compliance portfolio, including products for boards, audit and third-party risk. The company says it serves more than 1 million users and 700,000 board members through the Diligent One platform.

By adding cyber risk management more directly into that platform, Diligent is seeking to strengthen its position in a software market where companies want fewer disconnected tools and a more consistent picture of risk across the business. The launch centres on that effort to place cyber decisions in a wider business context.