Skip to main content


The Cyber Risk Director Network

Great visit to DC to brief key House and Senate members and their staffs on the Cyber Risk Director Network (CRDN). In our meetings with policy makers, regulators, and the press we shared key findings from our December CRDN meeting. Lots of interest from policy makers to engage further on this important and timely topic.

Jonathan Day, Michael Mahoney, and King & Spalding partner Phyllis Sumner, made the rounds on Capitol Hill, meeting with:

  • House Intelligence Committee Chairman Adam Schiff
  • Representative Denver Riggleman
  • Staff for Senators Jerry Moran, Mark Warner, Jack Reed and Richard Burr and Representatives Jim Himes and Jim Langevin
  • Senate Banking Committee, Commerce Committee and Homeland Security Committee Staff
  • House Financial Services Committee and Homeland Security Committee Staff



The Cyber Risk Director Network

Cybersecurity has steadily risen on the list of critical risks facing large global companies. In some cases, threats of cyberattack and related privacy issues hamper these firms’ ability to pursue digital transformations critical to their competitiveness and even sustainability. Cyber risk is unquestionably a matter of strategy and a boardroom issue.

The inaugural meeting of the Cyber Risk Director Network (CRDN) took place in New York, on December 11, 2019. Its conclusions were sobering: even in companies where internal cybersecurity management is highly sophisticated, board oversight of this risk is still developing. It can be difficult to assess any company’s maturity in cyber risk governance.

Members discussed three broad topics; the ViewPoints linked to this page provide extended reading on each.

  • Board oversight of cyber risk. Although some aspects of cyber governance fit well with standard ERM (Enterprise Risk Management) approaches, directors felt that these threats present an unprecedented challenge.
  • Public-private collaboration. The nature of contemporary cyber threat means that corporate collaboration with government agencies is critical, but the state of this collaboration remains embryonic and potentially risky for the companies involved.
  • Boards and cyber incident response. Responding to a major cyberattack often involves decisions about corporate strategy and purpose, not just technical and legal matters; the board’s involvement is therefore essential. But in many companies, incident response plans aren’t framed at boardroom level, and directors are still learning how best to engage in response planning and response activity.

Read the ViewPoints.

Highlights: Financial Services Leadership Summit

The 2019 Financial Services Leadership Summit (FSLS) took place in October in Washington, DC. Directors and senior executives from among the largest banks and insurers globally, fintech executives, regulators, policymakers, and other subject matter experts convened for discussions focused on the resilience of the financial system in light of evolving risks to markets, business models, and technology, and the potential policy responses.

Ten years after the global financial crisis, the financial services business has changed. Large institutions have shored up capital and liquidity, new rules have been implemented, and supervision has tightened. Business models have also changed, and new models are emerging, as incumbents and fintechs adopt advanced technologies and tech companies wade into financial services. Now, financial services leaders are considering what might cause a future crisis and how prepared individual institutions and the system are to emerging sources of risk.

How resilient will new entrants and new models be to major dislocation? Are operational and technological resiliency or data integrity issues likely to trigger the next crisis? What tools and mechanisms do policymakers and regulators have to respond to a crisis? How might broader geopolitical issues impact financial services as regionalization replaces globalization? How resilient are traditional business models to systemic disruption? And can large firms in a sector so closely tied to the trajectory of the broader economy grow their business in a slow- or no-growth environment? Participants in the FSLS explored these and related questions and issues.

2019 Financial Services Leadership Summit Viewpoints

Highlights: Assessing the results of the diagnostic quality assurance pilot


In May 2019, Tapestry and members and liaisons of the multistakeholder Steering Committee (SC), which oversees the progress of the diagnostic quality assurance pilot, met to discuss the pilot’s results. Since its launch in 2016, the pilot has aimed to create a process to compare the performance of molecular diagnostic tests that are used for selection of targeted therapies, using a test case of a next generation sequencing (NGS) diagnostic for a specific targeted cancer treatment. Earlier this year, 18 volunteer laboratories returned data to the pilot’s technical implementation team at the College of American Pathologists, marking an end to the pilot testing phase. The data compared performance of laboratories’ validated tests with specifications set by an FDA-approved companion diagnostic (CDx).  


During the May meeting, the CAP’s Scientific Technical Working Group (STWG) leadership presented a summary of the dataset and lessons learned from implementing the pilot. Collectively, the STWG representatives and SC discussed the results’ technical implications, and their meaning for various stakeholders and SC members’ organizations.  Moving forward, SC members are committed to sharing outcomes later in 2019 through a peer-reviewed technical publication, a white paper, and, potentially, through other mediums. Read more here

Upcoming meetings

European Audit Committee Leadership Network

February 2020, Amsterdam, The Netherlands



Bank Governance Leadership Network

February 2020, London, United Kingdom



Northeast Audit Committee Network

March 2020, New York City



Welcome To Tapestry

Tapestry is pleased to announce our newest partner, Marsha Ershaghi Hames. Marsha is a certified compliance and ethics professional. 

Prior to joining Tapestry, Marsha was a managing director of strategy and development at LRN, Inc. a global governance, risk and compliance firm where she specialized in the alignment of leaders and organizations for effective corporate governance and organizational culture transformation. She has been interviewed and cited by the media including CNBC, CNN, Ethisphere, HR Magazine, Compliance Week, The FCPA Report,, Chief Learning Officer, ATD Talent & Development, Corporate Counsel Magazine, the Society of Corporate Compliance and Ethics and more. She hosted the “PRINCIPLED” Podcast, profiling the stories of some of the top transformational leaders in business.

Marsha joins Tapestry's corporate governance practice. Welcome, Marsha!


Recent Publications

Special investigations

European Audit Committee Leadership Network, January 2020

Read more here

Corporate purpose and the post-global world

Compensation Committee Leadership Network, December 2019

Read more here


Making the system resilient in a new age of financial services

Financial Services Leadership Summit, December 2019

Read more here

Redefining corporate purpose in the 21st century

Lead Director Network, December 2019

Read more here

Shaping the future of alternative payment models in oncology

Optimal Oncology Alternative Payment Models, December 2019

Read more here

Oversight of corporate culture

Audit Committee Leadership Network, December 2019

Read more here