Yes, Officers & Directors Can Be Held Personally Liable for Their Company’s Data Breach – Here’s Why

jeffmullinswebsizeda

“Can I be held personally liable for my company’s data breach?”

That is one of the questions I am asked many times by officers and directors of companies.  For companies doing business in Texas, the answer could be “YES!” although the usual reasons provided are not nearly as straightforward as the one discussed in the video below.

***Please note, this analysis applies only to officers and directors, not regular employees of a company.

Continue reading “Yes, Officers & Directors Can Be Held Personally Liable for Their Company’s Data Breach – Here’s Why”

Cybersecurity Legal Issues: What you really need to know (slides)

Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides from Tuma’s presentation — a video of the presentation will be posted soon!

Continue reading “Cybersecurity Legal Issues: What you really need to know (slides)”

3 Key Points the Board Needs to Know About Cybersecurity

Officer and director liability for cybersecurity incidents is a hot topic. It will only get hotter because, when it comes to risks impacting the company, the buck stops at the Board of Directors. As it should.

Cybersecurity and corporate governance law are converging to develop a duty for the Board to be involved in cybersecurity issues that affect the company. (related posts) The question is, however, on how granular of a level should the Board’s role be when it comes to cybersecurity? Continue reading “3 Key Points the Board Needs to Know About Cybersecurity”