What Corporate Directors Need to Know about Cybersecurity

Corporate directors should understand their companies’ cybersecurity risks and proactively participate in decisions about what to do to mitigate them.

• Public company officers and directors may face legal liability for ignoring cybersecurity risks.
• The SEC likely will issue new guidance concerning required disclosure in connection with a cybersecurity incident.
• Directors should also understand and participate in decision-making about other protections such as insurance and SAFETY Act certification.