A new SEC cyberattack reporting rule has left public companies and insurers exposed to potential regulatory probes and shareholder class actions alleging senior executives failed to supervise their businesses’ cybersecurity practices.
The US Securities and Exchange Commission recently issued rules that formally outlined directors’ responsibilities in cybersecurity governance for the first time, laying the groundwork for potential enforcement actions.
The rule also set a road map for investors to bring derivative claims alleging a company’s senior executives breached their fiduciary duty by failing to manage cyber risks. And it put insurers on alert that they could find themselves exposed to ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.