The Liability Landscape for CISOs: Protecting Executives and Key Stakeholders on the Front Lines of Cybersecurity Incidents
8 minute read | May.09.2024

Chief information security officers (CISOs), compliance officers, and other executives responsible for cybersecurity incident response functions face a growing risk of personal civil and criminal liability in connection with data breaches and related disclosures.

Companies should consider developing and implementing protocols to help reduce the potential liability of these stakeholders and foster a culture of transparency, Orrick’s, Aravind Swaminathan, Joseph Santiesteban, Bradley Marcus, and Benjamin Hutten say in a new article in The New York Law Journal.

They discuss best practices that companies can adopt to proactively take measures to reduce the potential liability of key stakeholders in the event of a cybersecurity incident.