Wednesday, March 12, 2008

Directors Could be Liable for Cyber Damage

Cyber risks could be the next big trigger for lawsuits against directors. Directors could be held responsible for loss to companies and their shareholders if they fail their duty of care by not taking preventative measures against risks such as phishing, improper data manipulation or data loss.

The threat to directors is universal across all sectors, as any company utilising technology as a platform or for business support is exposed. In particular, financial institutions need to be very concerned due to their dependence on the confidentiality of their data and the overall exposure relating to online banking. In a recent example, a clothing retailer now faces lawsuits by shareholders alleging that the company failed to prevent a hacker from obtaining details of millions of cardholders, and it has already reportedly agreed to a multi-million pound settlement with banks over the same incident.

This adds another layer of risk for directors, who need to take action to protect the assets of their business against cyber crime or else face being sued. Cyber risks are pervasive. Among the measures to respond to these changing exposures is analysing insurance policy language to maximise the potential coverage when a cyber risk materialises. However, insurance should be perceived as the last resort. Directors must look to prevent the cyber risks in the first place by developing strong IT security defences and business continuity plans which are regularly tested, and by heightening awareness among the board to create a security culture.
