Cyber Loss Mitigation for Directors
Overview
Cyber risk has become a major potential loss exposure for almost any company. As with any other exposure, directors should confirm that reasonable steps are taken to identify, mitigate, respond to, and recover from third parties relating to cyber-related problems when they arise. However, because of the potentially severe nature of this risk, the directors’ oversight role in this area should be particularly robust and include their legal duties and loss mitigation practices around two distinct timeframes: what directors should do prior to a cyber incident and when a cyber incident occurs.