Withstronger rulesrequiring disclosure of cyber risk and cyber breaches, 2023 has seen heightened
Chargesthe
Given the environment of increased enforcement activity, companies must be aware of potential exposures to themselves and their CISOs related to cyber disclosure, and they should be taking steps to mitigate those risks. Protection for CISOs is particularly important given that they may be individually targeted by the
Companies should implement rigorous training programs that will put them in the best position to avoid enforcement actions for failures to detect and disclose cybersecurity weaknesses. Part of that training should include educating CISOs on the mechanism for promptly reporting cyber incidents to those who need to know and information on how to interact with the company's disclosure committee. Taking these steps will not only protect CISOs when it comes to
Along with cybersecurity training, another way companies can protect their CISO is by ensuring that their Directors and Officers (D&O) insurance programs cover CISOs, just as they protect other company officers, including CEOs and CFOs. While cyber liability insurance is important, cyber coverage typically protects against unauthorized access to a company's computer system or data loss or theft, but does not safeguard CISOs against enforcement actions that may arise from decisions and actions taken as part of their duties. Ensuring that CISOs are protected under the company's D&O coverage can provide executive officers with valuable peace of mind and the critical funds needed to defend against what could be very costly enforcement actions following a breach, as well as for indemnity against potential judgments or settlements.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
Ms
Suite 1100
DC 20004-2595
Tel: 202624.2500
Fax: 202628.5116
E-mail: mbrandt@crowell.com
URL: www.crowell.com
© Mondaq Ltd, 2024 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source