As I have noted in prior posts on this site (most recently here), plaintiffs’ lawyers’ claims in cybersecurity-related D&O lawsuits recently have fared poorly. A number of these suits recently have failed to clear the initial pleading hurdles. However, in a ruling last week, the federal judge presiding over the SolarWinds cybersecurity-related securities suits substantially denied the defendants’ motions to dismiss in an opinion that has a number of interesting features, as discussed below. Western District of Texas Judge Robert Pitman’s March 30, 2022 opinion in the case can be found here.
Continue Reading Dismissal Motion Largely Denied in the SolarWinds Cybersecurity-Related Securities Suit

In the latest example of claimants seeking to assert the newly revitalized type of claim for breach of the duty of oversight against corporate boards, plaintiff shareholders have filed a derivative lawsuit in Delaware Chancery Court against certain past and current directors of technology company SolarWinds, based on the massive cybersecurity incident involving the company’s software and systems discovered in December 2020. As discussed below, there are several interesting features of this lawsuit in light of recent developments involving claims for alleged breaches of the duty of oversight. A copy of the heavily redacted publicly available version of the plaintiffs’ complaint against the SolarWinds board can be found here.
Continue Reading Cybersecurity-Related Breach of the Duty of Oversight Claim Filed Against SolarWinds Board

Paul A. Ferrillo

As I noted in a prior post, the recent state-sponsored cyber incident carried out through an attack on SolarWinds has a number of important implications. As noted in the following guest post from Paul Ferrillo, the incident could also have important implications for the cyber insurance marketplace. Paul is a partner in the McDermott, Will & Emery law firm. I would like to thank Paul for allowing me to publish this article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Paul’s article.
Continue Reading Guest Post: SolarWinds – Einstein Failed Us, and the Cyber Insurance Markets will Feel the Squeeze

In my round-up of the Top D&O Stories of 2020, which I published earlier this week, I noted that the recent massive state-actor hack of U.S. government agencies and technology companies underscored the fact that cybersecurity represents a significant operational and management risk for organization of every type. I also noted that cybersecurity-related issues represent an ongoing D&O claims risk. As if to confirm these propositions, the first securities class action lawsuit of the New Year was filed against Solar Winds, the network infrastructure management company whose breached software is believe to have contributed to the recent massive hack. As discussed below, the newly filed complaint highlights the fact that cybersecurity represents a significant potential source of management liability risk.
Continue Reading SolarWinds Hit with Securities Suit Based on Third-Party Governmental Actor Cyber Attack