The emergence of the COVID-19 pandemic has pushed many organizations to adjust to work-from-home or hybrid work arrangements with employees. This change in the work environment has created new vulnerabilities in their digital infrastructure that cybercriminals can exploit.
Furthermore, the interconnected structure of modern enterprises has also made it easier for cyber criminals to steal personal or financial information or shut down a network.
Directors and Officers (D&Os) are responsible for protecting the company’s digital assets. However, they cannot always prevent a data leak, which could lead to D&O Insurance claims from shareholders alleging directors broke their fiduciary responsibility by not implementing effective cyber security.
Let’s look at the most recent examples of D&O Insurance claims and how these signal a necessary shift for operating businesses and brokers in mitigating these risks for their clients.
3 Boardroom Lessons From Recent D&O Insurance Claims
When organizations suffer major losses or breaches, top management is often criticized. In the United States, directors and executives are increasingly being held liable for cyber security problems.
In 2017, Equifax, one of the largest consumer credit reporting agencies in the United States, announced a massive data breach, which enabled hackers to access the personal information of 147 million people.
The company admitted that it did not inform the public of this breach until more than a month later. Shareholders filed a securities-related class-action lawsuit against the company, alleging that Equifax did not have adequate cyber security measures to prevent and control the breach and has failed to provide timely and sufficient information following the incident. Plaintiffs recovered monetary damages, costing the company a $425 million settlement in 2022.
A 2019 claim against Yahoo shows how D&O handles cyber security issues. Shareholders held former Yahoo officials and directors liable after a data breach compromised 3 billion user accounts from 2013 to 2016. They reportedly breached their fiduciary obligations by failing to secure customer data. Three lawsuits against the company’s former executive team were settled for $29 million.
Until this settlement, shareholders hadn’t successfully held businesses accountable for cyber security-related breaches. Although a $29 million settlement might seem small for a billion-dollar company like Yahoo, this signaled a shift in D&O liability for cyber security and shows how D&O Insurance claims may result in huge business losses if sufficient liability protection is not in place.
Another recent example of liability can be found in the case of Zoom Video Communications Inc. The platform rose in prominence as a means of communication and teleconferencing amid the pandemic.
However, the company’s stock price dropped once the public became aware of misinformation about the platform’s sharing of personal data with third-party services. The company’s directors were identified as defendants in the fraud complaint, which claimed that the corporation neglected to disclose these concerns. As part of a class-action settlement initiated by its users, the business finally agreed to an historic $85 million payout.
In the light of the growing cyber security threats, the Securities and Exchange Commission proposed a set of rules that mandate cyber security incident reporting and the disclosure of company policies to manage cyber security risks.
Cyber attacks often result in stolen data, loss of resources, and operational disruptions. Common D&O Insurance claims illustrate the importance of having robust cyber security policies, alongside a D&O Insurance coverage that can protect and prevent senior management from being in a precarious position regarding D&O liability.
Cyber attacks may steal data, deplete resources, and disrupt operations. Common D&O Insurance claims emphasize the need for effective cyber security practices and D&O Insurance coverage to protect senior management from liability.
For brokers and insurers, communicating the importance of this coverage and cyber security measures to clients is just as vital as it can affect renewals and terms. These shifts in legal claims demand adequate coverage protection, as any business that stores information can fall victim to data breaches. The first-party cyber liability insurance offered by D&O Insurance can cover the possible costs of these breaches.
Be Your Client’s D&O Expert Broker With the Help of ProWriters
Brokers can defend clients against internal and external threats, including cyber security risks. D&O Insurance claims show how easy it is for management to be accountable, threatening a company’s stability and development. Companies don’t realize they need insurance until they’re sued.
By educating companies on their need for adequate D&O coverage, you can help protect them from these risks and become the expert they trust when they want to invest in their protection. At ProWriters, we ensure brokers have the tools and coverages for the best deal.
Learn more about improving your management liability services to protect D&Os and their companies from client and employee claims.