Business directors need protection with cyber liability insurance
A leading UK lawyer has warned that UK companies need to recognise the risk of cyber-related D&O (directors’ and officers’) liability claims.
A succession of large-scale data breaches at corporate heavyweights such as Target, Adobe and Sony, together with well-documented threats such as the Heartbleed bug, Regin spyware and the Shellshock vulnerability, has brought these issues into sharp focus. With the growing regularity of these attacks, and the fact that no company is too small to face a cyber attack, liability claims against directors following losses will no doubt increase.
Directors should adjust their procedures to provide oversight of cyber security and so avoid exposure to claims of breach of duty, misleading conduct and privacy charges. By law they must also apply reasonable skill and care when performing their duties. In terms of cyber security, this involves evaluating data risk, providing adequate training for their staff, ensuring that IT security is acceptable and having a strategy to deal with any potential data breach.
If your company is listed, there are also commitments to notify the stock exchange of any information, for example a cyber breach, that could have an influence on its value or price.
Cyber risk management should not be limited to the IT department, but should be a discussion point for the boardroom.