Target Case a Cyber Warning to Corporate Directors

U.S. District Judge Paul A. Magnuson’s recent dismissal of a shareholder derivative lawsuit filed in connection with Target Corp.’s 2013 cyber breach “is a warning to company directors to keep on top of cyber-related issues,” cautions Business Insurance (July 19, Greenwald) in quoting attorney Craig A. Newman, a partner with Patterson, Belknap, Webb & Tyler LLP in New York. The Target ruling illustrates that corporate directors “should be well beyond thinking security is just an information technology issue,” said Newman. “Board members must have the ability to ask the right questions and, as importantly, assess the answers.” While they do not have to be data security law experts, he adds, they must exercise sufficient oversight of data security as the risks will only get more sophisticated. “From a sitting board member’s perspective,” Newman concluded, “it is all about preparing, making sure all the right questions are being asked, and steps are taken at the top to insure that data security is [a] priority.”