Archives: Cyber Liability

Subscribe to Cyber Liability RSS Feed

Next Up: A Home Depot Data Breach-Related D&O Lawsuit?

After claimants filed shareholders’ data breach-related derivative suits against the boards of Target (here) and Wyndham Worldwide (here), a number of commentators (including me) asked whether we could see a wave of cybersecurity related D&O lawsuits. Interestingly, since these two lawsuits were filed more than a year ago, there have been no further lawsuits of … Continue Reading

Guest Post: Courts Uphold California Privacy Claims Despite Vague Allegations: Opening The Litigation Floodgates?

Among the many concerns that arise whenever unauthorized appropriation or use of consumer data occurs is the possible violation of the consumers’ privacy that the access may represent. In numerous cases, aggrieved parties have tried to assert claims for these alleged privacy violations, but by and large these attempts have not been successful. However, as … Continue Reading

Guest Post: Cybersecurity Enforcement: The FTC Is Out There

Along with the disruption and the reputational damage, a company experiencing a data breach can also find itself attracting the unwanted attention of regulators. Among the federal regulators that has proven to be active in data breach arena has been the Federal Trade Commission. In the following guest post, Robert Carangelo, Eric Hochstadt, and Gaspard Curioni of … Continue Reading

Guest Post: Is Employee Awareness and Training the Holy Grail of Cybersecurity?

In the current environment, most organizations are aware of the potential threats to their firms from a breach of their data systems and networks. Among the ways companies can protect themselves from these types of threats is through improved employee awareness and training. In the following guest post, Paul Ferrillo and Randi Singer of the … Continue Reading

As Part of White House Cyber Security Initiative, President Proposes Uniform Data Notification Rules

As previously discussed on this blog (refer for example here), over the years there have been a number of different responses from the federal government to the threat of cyberattacks on U.S. companies and infrastructure, but overall the government’s track record on the issue is mixed. However, according to a January 12, 2015 Wall Street … Continue Reading

Will Investors Sue Over the Sony Hack Attack?

 As I noted in my recent rundown of the top D&O stories of 2014, one of the most important developments during the year just finished was the emergence of cyber security as a D&O liability concern. During 2014, plaintiff shareholders launched cyber breach-related derivative lawsuits against the boards of Target and Wyndham (about which refer … Continue Reading

Up Next: Cyber Insurance Requirements for Banks?

As I noted in a post last week, in a speech earlier this month in which she outlined the steps bank boards can take to address cybersecurity issues, Sarah Raskin, the second-ranking official at the U.S. Department of Treasury, laid out the reasons why banking institutions should be investing in cyber insurance. This speech is … Continue Reading

Top Treasury Official’s Speech Urges Adoption of Cyber Risk Insurance

Officials across a range of federal regulatory agencies have made it clear that promoting cyber security is an increasing priority. A critical part of the federal officials’ message has been the message that cyber security should be a corporate governance priority for company executives and corporate boards. For example, in a June 2014 speech, SEC … Continue Reading

Guest Post: Cyber Security Indeed: Derivative Action Dismissed Where Board Proactively Addressed Cyber Risks and Exposures

The derivative lawsuit filed against the board of Wyndham Worldwide Corporation in connection with the series of cyber breaches the company had experienced was being closely watched as possibly representative of a potential new area liability exposure for corporate directors and officers. However, as I discussed in a prior post (here), on October 20, 2014, … Continue Reading

Dismissal Granted in Cyber Breach-Related Derivative Suit Filed Against Wyndham Officials

 Along with the separate derivative lawsuit filed against Target Corporation’s board, the cyber breach-related derivate action filed against Wyndham Worldwide Corporation’s board has been closely watched as representative of a potential new area  liability exposure for corporate directors and officers.  However, in an October 20, 2014 opinion, District of New Jersey Judge Stanley Chesler, applying … Continue Reading

Guest Post: Cyber Security and Cyber Governance: Federal Regulation and Oversight – Today and Tomorrow

It seems that every day there is yet another story in the business pages about a significant data breach at a major company. Cybersecurity is an increasingly important topic for companies and their shareholders, and the problems with cybersecurity are an increasing concern in Washington as well. In the following guest post Paul A. Ferrillo … Continue Reading

Guest Post: The Cloud, Cyber Security and Cloud Cyber Governance: What Every Director Needs to Know

As I have noted frequently on this blog (most recently here), it is becoming increasingly clear that cybersecurity is viewed as a board level issue. At the same time that many boards have taken up the concerns surrounding cybersecurity issues, their companies increasingly are becoming dependent on cloud computing – which potentially could make their … Continue Reading

Guest Post: Mergers, Acquisitions, and Data Privacy: The FTC is Watching

The question of the privacy rights of consumers is an increasingly important topic. In the following guest post, Bill Boeck, Senior Vice President. Insurance & Claims Counsel for Lockton Financial Services, takes a look at recent actions the Federal Trade Commission has taken to protect consumers’ privacy rights and to enforce companies’ privacy policies.   … Continue Reading

More About Stories We’re Following

Cybersecurity as a D&O Liability Issue: I have noted in prior posts on this site (refer for example here) that cybersecurity represents, among other things, a D&O liability exposure. The recent lawsuits filed against Target (refer here) and Wyndham Worldwide (refer here) underscore this point. In addition, at least according to a July 7, 2014 Bloomberg … Continue Reading

SEC Commissioner Aguilar Addresses Cybersecurity Oversight Responsibilities of Corporate Boards

In a June 10, 2014 speech entitled “Boards of Directors, Corporate Governance and Cyber-Risks: Sharpening the Focus” delivered at the New York Stock Exchange, SEC Commissioner Luis A. Aguilar highlighted the critical importance of the involvement of boards of directors in cybersecurity oversight. In his speech, Aguilar stressed that “ensuring the adequacy of a company’s … Continue Reading
LexBlog