As this blog’s readers know, there have been a number of management liability claims that have been raised against companies that have experienced cybersecurity incidents. In the following guest post by Paul Ferrillo and Chris Veltsos, the authors argue that cyber risk is in fact D&O risk and that the risk is growing. The authors also suggest a 10-step plan to grapple with the risk. Paul is a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice. Chris is a professor in the Department of Computer Information Science at Minnesota State University, Mankato where he regularly teaches Information Security and Information Warfare classes. My thanks to thank Paul and Chris for allowing me to publish this article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul and Chris’s article. Continue Reading Guest Post: Time to Face the Music – Cyber Risk is D&O Risk – And Things Are Getting Worse!
Every year after Labor Day, I take a step back and review the most important current trends and developments in the world of Directors’ and Officers’ liability and D&O insurance. This year’s review is set out below. Once again, there are a multitude of things worth watching in the world of D&O. 
One way or the other, I have been doing D&O for more than 35 years. One of the reasons I love what I do is that there is always something new and so I am always learning. This week’s new thing is a recent ruling by a federal district court ruling that a debtor’s insurer could not rely on a bankruptcy exclusion in the debtor’s D&O policy to deny coverage for an underlying claim because the exclusion violates the bankruptcy code’s probation against ipso facto provisions in executory contracts. In all my years, I don’t believe I have ever run across the bankruptcy code’s ipso facto provision prohibition, so the district court’s ruling in this case was a learning opportunity for me – and I suspect it will be for most readers as well. 
In July, the Seventh Circuit issued a 
In a development that some may find more than a little bit ironic, U.K.-based litigation finance firm Burford Capital has been hit with a securities class action lawsuit following a drop in its share price after a short seller published a report questioning the company’s financial reporting. Burford has denied the short seller’s allegations and has also raised interesting questions about trading in its securities at the time of the research report’s release. A copy of the August 21, 2019 complaint filed against the company and certain of its executives can be found 
In an interesting development in a long-running legal battle in which for-profit education company Apollo Education Group is seeking D&O insurance coverage for its $13.125 million settlement of an options backdating-related securities class action lawsuit, the Ninth Circuit has certified to the Arizona Supreme Court the question of the standard of law to be applied to the insurance policy’s consent to settlement provisions. The Arizona Court’s response to the certified question potentially could have important implications for the meaning and application of similar provisions in other D&O insurance policies. The Ninth Circuit’s August 15, 2019 opinion certifying the question to the Arizona court can be found 
It is not uncommon for corporate boards facing shareholder derivative litigation to appoint a special litigation committee to investigate the allegations that the plaintiff shareholder raised in the suit. However, in an unusual development in the shareholder derivative lawsuit pending in Delaware against directors and officers of Oracle, the company’s board’s special litigation committee (SLC) has advised the court that the committee of three independent directors believes it is in the company’s best interest to allow the lead plaintiff (rather than the committee itself) to proceed with the claims on behalf of Oracle. Alison Frankel’s August 19, 2019 post on her On the Case blog discussing the Oracle derivative lawsuit and the SLC’s letter to the court can be found 
Class actions are of course well-established in the United States, but class action litigation has never been as well-developed in the UK. Among a number of reasons for this arguably is the lack of an “opt-out” class action procedure in the UK. However, as detailed in an interesting July 2019 memo by Colin Hutton of the CMS law firm entitled “Opt-Out Class Actions in the UK: Are We Entering a New Era in Litigation?” (