Given that cyberattacks continue to be sophisticated and severe, and cybersecurity continues to be a top concern for regulators, consumers, business partners, and investors, companies should be proactive and devote adequate resources to their security practices and incident response. In addition to the litigation and reputational risks that companies face if they are perceived as having inadequate security practices, regulators are imposing significant fines for data breaches, increasingly calling for greater board oversight of cybersecurity and holding top officials personally liable for allegedly lax security practices. So, based on regulator activities from 2022, what are the top considerations for board members and businesses when it comes to cybersecurity in 2023?
Wilson Sonsini Goodrich & Rosati routinely advises clients on privacy and cybersecurity issues. See here for our companion post here on privacy predictions. For more information about the developments mentioned in this post, or any other information advice concerning U.S. privacy and cybersecurity regulation, please contact Demian Ahn, Megan Kayo, Maneesha Mithal, or another member of the firm’s privacy and cybersecurity practice.
Stacy Okoro contributed to the preparation of this Wilson Sonsini Alert.
[1]Those sectors include: 1) chemical, 2) commercial facilities, 3) communications, 4) critical manufacturing, 5) dams, 6) defense industrial base, 7) emergency services, 8) energy, 9) financial services, 10) food and agriculture, 11) government facilities, 12) healthcare and public health, 13) information technology, 14) nuclear reactors, 15) materials and waste transportation systems, and 16) waste and wastewater systems.