Directors Ignore Cybersecurity Risks At Their Peril

The recent barrage of high-profile corporate cyberattacks demonstrates that cybersecurity weaknesses pose a serious corporate threat that can inflict tremendous costs on businesses.

Cybercrime costs the world economy an estimated $400 billion each year, and losses to U.S. companies account for more than 25 percent of this global total, according toa report by the Center for Strategic and International Studies.

No business with a digital presence is immune to cybersecurity risks, which include:

  • Reputational damage and loss of goodwill
  • Penalties for non-compliance with data privacy regulations
  • Litigation risks, including consumer class actions and shareholder derivative litigation, among others
  • Lack of appropriate insurance coverage for cybersecurity incidents

The recent attack on Sony Pictures and the devastating impact it has had on Sony’s operations provide a frightening example of the risk facing all businesses, even those that might believe themselves to be unlikely targets. As SEC Commissioner Luis A. Aguilar recently noted: “boards that choose to ignore, or minimize, the importance of cybersecurity oversight responsibility, do so at their own peril.”

Our view

It would be unreasonable to expect all corporate directors to be adept at the highly-technical aspects of information security. At the same time, directors’ fiduciary duties to oversee the company’s affairs and monitor risk extend to cybersecurity.

The following steps should provide a framework to ease this tension.

  1. Designate Cybersecurity Point People and Obtain Adequate Expert Support
  2. Proactively Asses Cybersecurity Weaknesses
  3. Develop and Practice a Data Breach Response Plan
  4. Establish a Clear Chain of Command
  5. Reevaluate Insurance Coverage
  6. Continuously Monitor Business Practices and Risks

Read more at: Mondaq-Directors Ignore Cybersecurity Risks At Their Peril  by John C. Vázquez and Peter J. Isajiw


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s