Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches

Description

Recent high profile data breaches at Anthem, Target, Wyndham Hotels and other major companies have fueled a growing number of lawsuits that seek to hold corporate directors and officers liable for damages on breach of fiduciary duty and corporate waste theories. When breaches occur, litigants have accused officers and directors of breaching duties of care and loyalty, engaging in corporate waste, and misstating financial statements as a result of the failure to have proper internal controls in place to guard against and respond to data breaches.

To protect shareholders and the public, the SEC issued cybersecurity guidance and held roundtables encouraging corporations to disclose cybersecurity risks and related material costs to investors. In Feb. 2014, the National Institute of Standards and Technology also issued cybersecurity standards for corporations. Both efforts create heightened duties, expectations and risks regarding data privacy and security for directors and officers, including increased scrutiny of third-party relationships.

In the current environment, counsel should advise corporations on developing strong internal controls to ensure a rapid and effective response to known cybersecurity threats. Further, counsel should lead client companies in examining D&O, E&O and cyber-liability policies to ensure adequate coverage. Counsel should also review corporate policies on indemnification and advancement of defense costs for executives and officers.

Listen as our authoritative panel discusses recent legal developments impacting D&O risks and potential liabilities for cybersecurity and data privacy breaches. The panel will outline proactive strategies to evaluate and minimize liability exposure and defend against derivative and securities fraud litigation.