Is the board getting the real measure of cybersecurity risks?

After reading these troubling survey results on risk and compliance demonstrating how confidential data is protected enough, it is difficult to believe that a first-ever cybersecurity report by AT&T (  found 75% of companies don’t involve their full boards in cybersecurity oversight, saying it is an IT issue and not a core business concern. Do you, as a corporate director, feel cybersecurity is not a core business concern?