Paul Ferrillo is partner at McDermott Will & Emery LLP; Bob Zukis is Adjunct Professor of Management and Organization at the USC Marshall School of Business; and Christophe Veltsos is a Professor at Minnesota State University.
As the United States continues to reel under the systemic risks and failures of the expanding coronavirus, cybersecurity risk remains a present and escalating threat to America’s companies and its future. At the same time, the amount of business value reliant upon digital technologies continues to grow.
An accurate understanding of digital and cybersecurity risk is vital to protect investor and public interests now, and into the digital future. Both business risk and litigation risk will continue to grow alongside the migration to the digital future.
And regulators have taken notice. The SEC wants registrants to do a more specific job with risk factor disclosure and to specifically up their game with regard to cybersecurity risk disclosure.
Disclosure plays an important role in risk understanding, reduction, and litigation risk management. When it comes to vigorously defending cybersecurity breaches during litigation, companies depend upon both their actual duties of risk oversight and management, and what they’ve disclosed about risk.