Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Large, highly publicized cybersecurity events have become so commonplace that it seems each month bring news of a major attack. No one seems to be immune. This observation of the new reality is supported by PwC’s survey of approximately 10,000 companies worldwide. Those companies reported an average of 4,782 cybersecurity incidents apiece in 2016, with more than 200 organizations reporting over 100,000 cybersecurity incidents. PwC, 2017 Global State of Information Survey. A security incident is defined as any adverse incident that threatens some aspect of computer security. So common are these attacks that they have become a regular part of board conversations and, where those conversations are not happening yet, regulators like New York’s Department of Financial Services and groups like the National Association of Insurance Commissioners, are crafting requirements for them to occur. See 23 NYCRR 500.04 (requiring annual board reporting by the Chief Information Security Officer); National Association of Insurance Commissioners, Preliminary Working and Discussion Draft, Insurance Data Security Model Law §4(E)(requiring board oversight of the Information Security Program).

Yet, despite the prevalence of cybersecurity attacks, their impact on business activity, shareholder value, and board and executive management, cybersecurity due diligence remains a relatively secondary consideration in deals transactions. This despite that fact that, in one survey, 82% of respondents said that over the course of 2016 they placed greater emphasis on the cybersecurity policies and practices at target companies. Morrison & Foerster, 2016 M&A Semi Annual Leaders Survey, at 4. And, of those who performed cyber due diligence, 70% reported uncovering compliance problems, while a full third found the target vulnerable to insider attacks—among the most common and pernicious types of cyber attacks. WestMonroe, Testing the Defenses: Cybersecurity Due Diligence in M&A, at 9 (July 12, 2016).

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at customercare@alm.com

Lean Adviser Legal

Think Lean Daily Message

"Nothing gets the hungry lawyer s juices flowing like a big new project, but the temptation to dive in and start lawyering must be resisted. Planning comes before execution. And it is incumbent on the lawyer, not the client, to initiate that planning."

Learn More


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2018 ALM Media Properties, LLC. All Rights Reserved.