From the Top Down

For many companies, the issue of cybersecurity is a vital and growing concern, and a key item for consideration by board members, despite a potential lack of expertise in that area. To assist in identifying key items for consideration, Skadden Arps Slate Meagher & Flom has released a memorandum, as published on, recommending board members focus on the following areas:

  • As new cyberthreats emerge, revisit existing continuity plans and insurance – with ransomware a growing threat, and DoS attacks seeing increases in potential magnitude, old plans and policies may not be accurately tracking the potential needs and exposure of companies, in the event they unexpectedly find themselves as a target.
  • Ensure disclosures are up to date and comprehensive – the SEC had made recent indications of enforcement actions with respect to disclosures associated with cyber incidents.  As a result, companies should review their history of disclosures to ensure they’re communicating relevant information as appropriate in a timely manner.
  • Reconsider cybersecurity compliance – as legislative bodies continue to introduce new regulations, board members should perform regular reviews to confirm that their companies are still in compliance with new standards, for all regions in which they are doing business.