Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Emerging Cyber Risk for Directors & Officers Grow in Frequency


Emerging Cyber Risk for Director & Officers Grow in FrequencyRecent Conference Highlights Emerging Cyber Risk for Directors & Officers

Earlier in June of this year, we wrote about the increased importance of the role by boards of directors in cyber security, brought to light in the wake of several high-profile data breach cases such as Target, and the call from SEC Commissioner Luis Aguilar in May for corporate boards to ensure they’re taking the necessary steps to address and oversee their companies’ cyber risks. In addition, separate reports by Deloitte and Advisen over the last year or so have cited cyber threats as an emerging risk for directors and officers.

The Advisen report, for example, stated, “what began as a nuisance for a few is now a major concern for most corporations.” In fact, the report warned that cyber attacks can expose businesses to catastrophic losses, including class-action lawsuits, breach notification costs and reputational damages, just to name a few of the costly consequences. These losses, in the most severe cases, can lead to bankruptcy, and depending on the size and nature of the company, could have broader economic and national security implications, stated the report.

Cyber-related directors & officers claims continue to be a top-of-mind risk issue as discussed at the recent Professional Liability Underwriting Society’s (PLUS) annual conference in Las Vegas earlier this month. The takeaway from the conference among the lawyers interviewed by trade publication Business Insurance is that boards of directors should adapt their protocols to provide better oversight of cyber security. “While there have been a limited number of cyber-related D&O claims to date, they are coming,” said Douglas W. Greene, a shareholder at law firm Lane Powell P.C. in Seattle. What’s more, he noted that while stock prices have not been affected long-term by cyber incidents, which has been an impediment to D&O litigation, “that is bound to change; and when it changes, and stock prices start to drop upon disclosure of a breach … the plaintiffs lawyers will be there.”

One reason the situation will change, according to Greene, is that “companies are going to start competing on the basis of cyber security.” He also cited the SEC’s interest in the issue, as we highlighted earlier. “While litigation to date has been dominated by consumer class actions, a future issue will be intellectual property theft and impairment of company assets. Those claims will start to come up as the SEC scrutinizes data breaches, and whistleblowers start to speak up,” said Greene.

Examples of emerging cyber-related exposures for corporate directors and offices, courtesy of Advisen’s report include:

  • Updated disclosure obligations relating to cyber security risks and incident under the SEC, as of 2011. The updated disclosure guidance puts the onus on every public company to disclose in their securities fillings exposures to a data breach or attack or other cyber incident that a reasonable investor would consider important to an investment decision.
  • FTC “Red Flag Rule”, which requires many companies to adopt an identity theft protection program that identifies warning signals of identity theft. The objective is to detect an incident before it escalates into an expense identity theft episode, and to take appropriate action. The rule requires the program be approved by the board of directors or a committee designated by the board.
  • Heightened involvement by government agencies and law enforcement in network security incidents that require organizations to manage a diverse set of information requests.

Axis Insurance Services specializes in helping companies address their cyber liability risks with Privacy & Network Security insurance coverage. We work with leading carriers in this area and can design a policy that will address your first- and third-party exposures in the event of a data breach or other cyber threat. Give us a call at (877) 787-5258 to discuss your company’s needs.

Sources: Advisen, Business Insurance

Comments

comments

Blogged on: November 19, 2014 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions