The designation “kitchen sink committee” continues to be an apt moniker for the audit committee, as research shows it is getting saddled with cyber-security oversight more than any other board committee.

However, new questions are emerging over whether audit committee directors have the right expertise to deal with these new responsibilities. Though investors are continuing to push boards to seat more cyber-security and tech experts, new data from public company intelligence provider MyLogIQ shows that these new directors aren’t often being named to the audit committee.

“Most audit committee members feel ill prepared to assess and deal with [cyber-security] risk. They are typically finance people, not IT people,” says Dave Arnold, president of search firm Arnold Partners. “I think you are going to see that change from being purely financial experts to being more in the IT expertise as a trend as we move forward into heightened awareness around cyber.”