Anyone reading the business pages know that SPAC IPO activity continues to surge; indeed, we have not yet even officially completed 2021’s first quarter, yet the number of SPAC IPOs completed and the amount of funding raised have both already exceeded the totals for the full year 2020. As I have already noted in prior posts on this site, all of this SPAC activity has already attracted some legal action. At the end of the last week, there were further signs that the legal activity could be about to pick up. As discussed below, news reports circulated late last week that the SEC has sent informal inquiries to Wall Street banks concerning SPACs, and, as also discussed below, a plaintiff shareholder has initiated a class action lawsuit against the directors and officers of a SPAC, among others, in Delaware Chancery Court presenting some alternative liability theories.
Continue Reading Is SPAC-Related Legal Action About to Heat Up?

As I have noted in prior posts, there has been a recent renewed focus among observers of Delaware corporate case law development on breach of the duty of oversight claims (sometimes called Caremark claims in reference to the initial Court of Chancery decision elaborating on the duty of oversight). Indeed, at least one academic commentator has suggested, based on a series of Delaware court rulings during 2019-2020, that we have entered a “new era” of Caremark claims.

But though there have been a number of high profile cases in which breach of the duty of oversight claims have been sustained, a recent Delaware Court of Chancery decision underscores the fact that the pleading hurdles for these types of claims are still substantial, and, indeed, as discussed below, at least one set of commentators has suggested that this most recent decision raises the question whether the pleading bar for these types of claims has changed at all. The Delaware Court of Chancery’s December 31, 2020 decision in Richardson v. Clark can be found here.
Continue Reading Del. Chancery Court: Caremark Claims Against MoneyGram Board Not Sustained

Stark Photo
John Reed Stark
Fontaine
David Fontaine

It is well understood by now that cyber security is a concern for every organization and that it is an issue on which every company’s board should be focused. But what specifically should boards of directors be worried about and what questions should they be asking? In the following guest post, John Reed Stark and David R. Fontaine take a look at the ten cybersecurity concerns on which every board of directors should be focused. John Reed Stark is President of John Reed Stark Consulting LLC, a data breach response and digital compliance firm.  David Fontaine is Executive Vice President, Chief Legal & Administrative Officer and Corporate Secretary of Altegrity, a privately held company that among other entities, owns Kroll’s data breach response services. The authors’ complete biographies appear at the end of the post. This article was previously published on CybersecurityDocket.com, an online global cybersecurity and incident response report, and a division of Docket Media.

I would like to thank the authors’ for their willingness to publish their article on this site. I welcome guest posts from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. The authors’ guest post follows.

*************************************

Every board now knows its company will fall victim to a cyber-attack, and even worse, that the board will need to clean up the mess and superintend the fallout.

Yet cyber-attacks can be extraordinarily complicated and, once identified, demand a host of costly responses. These include digital forensic preservation and investigation, notification of a broad range of third parties and other constituencies,[1] fulfillment of state and federal compliance obligations, potential litigation, engagement with law enforcement, the provision of credit monitoring, crisis management, a communications plan – and the list goes on.

And besides the more predictable workflow, a company is exposed to other even more intangible costs as well, including temporary or even permanent reputational and brand damage;[2] loss of productivity; extended management drag; and a negative impact on employee morale and overall business performance.

So what is the role of a board of directors amid all of this complex and bet-the-company workflow? Corporate directors clearly have a fiduciary duty to understand and oversee cybersecurity, but there is no need for board members (many of whom have limited IT experience) to panic.

Below we compile a list of ten cybersecurity considerations that provide a solid bedrock  of inquiry for corporate directors who want to take their cybersecurity oversight and supervision responsibilities seriously.[3]  This “cybersecurity top ten list” provides the requisite strategical framework for boards of directors to engage in an intelligent, thoughtful and appropriate supervision of a company’s cybersecurity risks.
Continue Reading Guest Post: Ten Cybersecurity Concerns for Every Board of Directors

hbr4The fiduciary duties of members of corporate boards are usually invoked in connection with directors’ potential liability exposures. However, in their January 2015 Harvard Business Review article entitled “Where Boards Fall Short” (here), Dominic Barton, global managing director of McKinsey & Co., and Mark Wiseman, President and CEO of the Canada

weipwcAs I have noted frequently on this blog (most recently here), it is becoming increasingly clear that cybersecurity is viewed as a board level issue. At the same time that many boards have taken up the concerns surrounding cybersecurity issues, their companies increasingly are becoming dependent on cloud computing – which potentially could make