Cybersecurity And The Board’s Responsibilities – ‘What’s Reasonable Has Changed’

Monday, August 6, 2018

Michael Yaeger focuses his practice on white collar criminal defense and investigations, securities enforcement, internal investigations, accounting fraud, cybercrime/cybersecurity and data security matters, as well as related civil litigation. Yaeger also leads internal investigation and cybercrime-related representations for financial services companies and provides guidance on drafting written information security plans and incident response plans for investment advisers.

A thought leader in the industry, Yaeger has been featured in numerous articles on cybersecurity, including “Proactive Steps to Prevent Legal Pitfalls in Bug Bounty Programs,” The Cybersecurity Law Report, “Cyber-SARS: Anti-Money Laundering and Cybersecurity Rules,” The Hedge Fund Journal, “NYDFS Revises Its Proposed Cybersecurity Regulation for Financial Services Companies,” among many, many others.

Christopher P. Skroupa: Where does cybersecurity fit in the Board's accountabilities to all company stakeholders?


Michael Yaeger: One basic function of a modern corporate Board is to oversee risk management, and many risks do not present themselves as cybersecurity issues. These include risks to the customers’ personal information, of course, which comes with regulatory risks by the FTC, state attorneys general and private securities suits.

 FORBES, 04.19.2018

Click here for more...