The legal and regulatory worlds surrounding cybersecurity and data privacy have changed a lot in the last two years. When was the last time your organization’s director and officer insurance policy was reviewed? Does your policy provide adequate protection in case of a data breach or cybersecurity issue? Have you stopped to consider not only the domestic (e.g., U.S.) risks, and the potential damages, but also the international risks?
The article below describes the personal liabilities that directors and officers could face when a data breach or cybersecurity incident occurs in India. As the article points out, although the fines may not seem like much (between 100,000 and 500,000 Rupees), they are assessed on the individual officers and directors, and multiple penalties can be assessed depending on the circumstances. This can quickly add up when multiple issues and multiple individuals are involved. It is incumbent upon officers and directors to ensure that their organizations are meeting their cybersecurity and data privacy requirements.
To meet their statutory and ethical obligations, Officers and directors need, at a minimum:
- actionable information about the organization’s efforts to improve the overall cybersecurity and data privacy posture;
- independent validation that the day-to-day policies and procedures are being followed; and
- business-based reporting that demonstrates that the efforts, policies, and procedures are in alignment with the organization’s priorities.
Fathom Cyber helps put this information, and more, at their fingertips. We make cybersecurity and data privacy make sense.