Studies show many corporate boardrooms either ignore, or are oblivious to the risks of cyber-security breaches.