R&C: How would you characterise the risks the cyber security landscape presents to the directors & officers (D&Os) of a company?

MacCabe: The biggest risk facing directors and officers (D&Os) is often their lack of understanding and attention to the risks posed by cyber risks. Many C-suite executives wrongly assume that it is an IT issue and have overlooked the significant operational and reputational damage it can cause. Post the widespread and highly publicised WannaCry and NotPetya attacks last year, many senior management teams have started to take notice. These incidents demonstrated the first-party and third-party risks a cyber security incident can create. With class actions now being brought in the US against D&Os of firms that have experienced a cyber breach, D&Os need to make sure that cyber risk is at the top of their corporate risk agenda. In the current climate, executives who do not prioritise time and investment in planning and testing specific breach response crisis plans – vital to surviving a cyber attack – are opening themselves up to significant personal financial risk.

Jul-Sep 2018 Issue

Beazley Group plc

Holland & Knight LLP

Norton Rose Fulbright LLP