Cybersecurity and Your Business’ Board of Directors

CA recent court opinion underscores the importance for a company’s board of directors to assess cybersecurity. As we’ve explored in several prior posts, directors are charged with exercising fiduciary duties, including the duties of care, loyalty, and oversight.

It is this latter duty – the duty of oversight – that resulted in a plaintiff filing a lawsuit against against his corporation and the corporation’s board of directors for failing to exercise proper oversight that purportedly harmed the company.

The opinion provides valuable insight into steps that directors may undertake to minimize potential liability (both to the company and personally) for such claims.  For instance, the court noted the asserted claims were potentially weak because the company implemented cybersecurity measures before the first data breach.

Further, the board addressed security matters “numerous” times before the breach.  Moreover, the corporation took time to enact security policies, reviewed those policies, and even hired outside technology firms to issue recommendations on enhancing security.  Had the company not taken such proactive steps, including before the breach occurred, the outcome certainly could have been different.

While there is no one-size-fits-all approach to data and cybersecurity, given the increasing threat such issues pose to companies, a board should at the very least consider data and cybersecurity in fulfilling it’s fiduciary duties.  Such consideration may result in no action being taken, or it may result in consulting with privacy counsel, technical experts, or insurance professionals to insure against cyber-related liabilities (including costs related to forensic analysis, breach notification, business downtime, credit monitoring services, and third-party claims).

Advertisements

About Matthew McKinney

Attorney focused on civil and commercial litigation.
This entry was posted in Litigation and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s