Mitigating D&O Liability Exposure for Data Privacy and Cybersecurity Breaches

Reducing D&O Risk With Internal Controls, Insurance, and Indemnification; Defending Derivative Lawsuits

This program is cancelled

A live 90-minute CLE video webinar with interactive Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Thursday, June 29, 2023

1:00pm-2:30pm EDT, 10:00am-11:30am PDT

This CLE course will provide counsel with an examination of existing and emerging risks corporate directors and officers face with respect to how their organizations handle data privacy and data security. The panel will explain the breadth of D&O fiduciary duties in this area, the application of the business judgment rule, and best practices to reduce risks and guard against lawsuits.


High profile data breaches at major companies have fueled a growing number of lawsuits that seek to hold corporate directors and officers liable for damages on breach of fiduciary duty and corporate waste theories. When breaches occur, litigants have accused officers and directors of breaching duties of care and loyalty, engaging in corporate waste, and misstating financial statements as a result of the failure to have proper internal controls in place to guard against and respond to data breaches.

To protect shareholders and the public, the SEC issued cybersecurity guidance and held roundtables encouraging corporations to disclose cybersecurity risks and related material costs to investors. The National Institute of Standards and Technology issued cybersecurity standards for corporations. Both efforts create heightened duties, expectations, and risks regarding data privacy and security for directors and officers, including increased scrutiny of third-party relationships.

In the current environment, counsel should advise corporations on developing strong internal controls to ensure a rapid and effective response to known cybersecurity threats. Further, counsel should lead client companies in examining D&O, E&O, and cyber liability policies to ensure adequate coverage. Counsel should also review corporate policies on indemnification and advancement of defense costs for executives and officers.

Listen as our authoritative panel discusses recent legal developments impacting D&O risks and potential liabilities for cybersecurity and data privacy breaches. The panel will outline proactive strategies to evaluate and minimize liability exposure and defend against derivative and securities fraud litigation.



  1. Latest trends in derivative and securities fraud lawsuits for cybersecurity breach
  2. Recent government enforcement activity
  3. D&O duties related to privacy and cybersecurity
  4. Best practices to reduce the risks to directors and officers before and after a breach
  5. Evaluating and negotiating insurance coverage and indemnification agreements


The panel will review these and other key issues:

  • What are the latest trends in derivative and securities fraud lawsuits after a corporate data breach?
  • What steps has the federal government taken in recent years to monitor and address cybersecurity concerns?
  • What issues should directors and officers understand when evaluating a corporation's risks related to cybersecurity?
  • What fiduciary duties do directors and officers owe corporations and shareholders with regard to data privacy and data security?
  • How can insurance policies, director exculpation clauses, and indemnification agreements help protect directors and officers from personal liability?


Stio, Angelo
Angelo A. Stio, III

Troutman Pepper

Mr. Stio is a first-chair litigator who tries cases in courts and arbitration tribunals throughout the United States....  |  Read More

Additional faculty
to be announced.