cybersecurity

Subscribe to cybersecurity via RSS
Sarah Abrams

Recent reports have brought to light the disturbing story that many companies may have unwittingly hired North Korean operatives as outsourced IT professionals. In the following guest post, Sarah Abrams, Head of Claims Baleen Specialty, a division of Bowhead Specialty, considers the potential claims exposure that could arise for companies that have hired the North Korean operatives. I would like to thank Sarah Abrams for allowing me to publish her article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is Sarah’s article. Continue Reading Guest Post: North Korean Hiring Exposure

The directors’ and officers’ liability environment is always changing, but 2024 was a particularly eventful year, with important consequences for the D&O insurance marketplace. The past year’s many developments also have significant implications for what may lie ahead in 2025 – and possibly for years to come.  I have set out below the Top Ten D&O Stories of 2024, with a focus on future implications. Please note that on Wednesday, January 15, 2025 at 11:00 AM EST, my colleagues Marissa Streckfus, Chris Bertola, and I will be conducting a free, hour-long webinar in which we will discuss The Top Ten D&O Stories of 2024. Registration for the webinar can be found here. I hope you can join us for the webinar.Continue Reading The Top Ten D&O Stories of 2024

As I noted last week, President-Elect Donald Trump has indicated his intent to name former SEC Commissioner Paul Atkins as SEC Chair in the upcoming new administration. Atkins’s appointment, as I noted in last week’s post, could mean significant changes to the agency’s regulatory approach and enforcement priorities. Observers and commentators have continued to weigh in on the potential implications of Atkins’s appointment, and, as discussed below, academic commentators have tried to emphasize the importance of monitoring the agency closely under the new administration to ensure that it continues to be able to fulfill its traditional mission.Continue Reading More About the SEC Under the Incoming Presidential Administration

Earlier this week, the SEC announced that it had filed settled charges against four companies for alleged misleading disclosures concerning cybersecurity incidents at the companies. The charges against the companies arose out of the SEC’s investigation of companies potentially affected by the compromise of SolarWinds’ Orion software. One of the four companies was additionally charged with disclosure controls and procedures violations. Without admitting or denying the SEC’s charges, each company agreed to the entry of a cease-and-desist order against them. The companies agreed to pay civil penalties ranging from $4 million to $990,000. The SEC’s October 22, 2024, press release about the charges against the four companies can be found here.Continue Reading SEC Charges Four Companies for “Downplaying” Cyber Incidents

Here at The D&O Diary, we track new securities class action lawsuit filings to identify emerging litigation trends and to track filings that reflect existing trends. Every now and then, we spot new suits that reflect multiple different trends in a single complaint. A new securities lawsuit filed earlier this week against Chinese online retailer PDD Holdings (formerly known as Pinduoduo) is an example of one of these multi-trend suits. As discussed below, the lawsuit shows how privacy-related issues, cybersecurity issues, and geopolitical issues can translate into securities class action litigation. A copy of the August 13, 2024, complaint against PDD can be found here.Continue Reading Online Retailer Hit with Privacy, Security, and Forced Labor-Related Securities Suit

In an action the SEC’s two Republican Commissioners sharply criticized in a separately-issued statement, the SEC has filed settled charges against business communications services provider R.R. Donnelly & Sons (RRD) relating to the company’s disclosure and accounting controls in connection with cybersecurity incidents the company suffered in late 2021. The company, which the SEC credited for its cooperation and remedial measures, agreed to pay a $2.125 million civil penalty and voluntarily adopted corrective processes and procedures. The settled action provides strong indications of the measures and controls the agency expects reporting companies to adopt and implement with respect to cybersecurity.Continue Reading SEC Files Settled Charges Based on Alleged Cybersecurity-Related Control Deficiencies

In the following guest post, Ed Whitworth, the Head of Financial Lines at Inigo, and Yera Patel, Chief Legal officer and Head of Financial Lines Claims for Inigo, summarize the results of a recent survey Inigo conducted of U.S. securities litigation defense counsel. The original of the survey summary previously was published on Inigo’s blog, here. I would like to thank Ed, Yera, and Inigo for allowing me to publish the report summary on this site. I welcome guest post submissions from responsible authors on topics of interest to the blog’s readers. Please contact me directly if you would like to submit a guest post. Here is the authors’ article. Continue Reading Guest Post: Inigo’s 2024 Defense Counsel Survey

In what is apparently the largest privacy and cybersecurity-related securities class action lawsuit settlement ever, the parties to the Alphabet Google+ user data securities suit have agreed to settle the action for $350 million. As discussed below, this massive settlement, which is subject to court approval, is significant for a number of important reasons. A copy of the parties’ February 5, 2024, Stipulation of Settlement can be found here. The plaintiffs’ February 5, 2024, motion for preliminary settlement approval can be found here.Continue Reading Alphabet Google+ User Data Privacy-Related Securities Suit Settles for $350 Million

Nelson Kefauver

In the following guest post, Nelson Kefauver, Head of Profin Underwriting at Intact Insurance, takes a look at how three frequent industry predictions from the recent past have turned out.  Nelson’s comments are specific to the private and non-profit D&O insurance space and not do not refer to the public company D&O insurance