For the past decade, the duty of corporate directors to oversee corporate risk has become more and more pronounced. Over the past several years, however, cyber and data handling risks have emerged as perhaps the most challenging of the areas requiring board oversight. As recent headline-grabbing incidents demonstrate, the financial and public relations fallout from a cyber or data misstep can be overwhelming and expensive, and Monday-morning quarterbacking can be expected from regulators, plaintiffs attorneys, shareholders, and even business partners.
Continually evolving cyber threats and emerging legal and regulatory developments, compounded by a lack of relevant expertise on many corporate boards, make it is imperative for today’s directors to understand the nature of today’s emerging perils and protect their company and themselves from second-guessing in the aftermath of a cyber incident.
Here, we take a look at four major areas of potential liability that today’s corporate directors must understand.