Business Leaders Must Address Cybersecurity Risk


Assuring cybersecurity has become a necessity for businesses across all industries. According to an FBI study in March 2009, cybercrime — with over $1 trillion in annual revenues — is now the largest illegal global business. Any business with computers and internet access is vulnerable not only from outsiders waiting to pounce but also from within the enterprise as a result of human error or bad intentions. Given the size of this problem, it is not surprising that the National Association of Corporate Directors has stated that to make real progress in the cybersecurity area, businesses must treat cybersecurity as a matter of “corporate best practices” and not just a technology issue. Companies face the risk of substantial damage from loss of customer confidence, decrease in market value and damage to their reputations as well as litigation and regulatory risks in the event of a cybersecurity breach. As October draws near, Cybersecurity Awareness Month sponsored by the Department of Homeland Security may be the perfect time for you to refocus on whether your business has adequately planned for the security of its assets.

From a regulatory perspective, federal and state laws create obligations on how companies must protect data and maintain cybersecurity. Under federal law, certain industries have heightened obligations as a result of laws such as HIPAA and Graham-Leach-Bliley. In addition, the federal securities laws, including Sarbanes–Oxley, or SOX, require that corporate leadership maintain adequate controls over their systems which could be implicated upon a cybersecurity breach. Finally, boards of directors of all companies have fiduciary duties to their companies, such as the duty of care, resulting in individual exposure for corporate leadership upon the occurrence of a loss caused by a cybersecurity breach. While this article is focused on the duties of directors, recent Delaware cases have found officers generally have the same duties as directors.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Jackson Walker | Attorney Advertising

Written by:


Jackson Walker on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.