This article begins by providing an overview of the duty of directors to oversee risk, including cybersecurity risk, in the cyberattack context and then outlines actions that board of directors are taking as reported by surveys, noting commonalities between certain of these actions and recommendations from director institute publications.
Originally published in Bloomberg BNA's Privacy & Security Law Report, 15 PVLR 64 - January 11, 2016.
Please see full publication below for more information.