Category Archives: Risk management

FERC and NERC Talk Grid Resilience and Cybersecurity

On March 22, 2019, Foley Hoag hosted the New England Electricity Restructuring Roundtable, organized by Raab Associates. The roundtable featured keynote addresses by Federal Energy Regulatory Commission (“FERC”) Commissioner Cheryl LaFleur—who recently announced she will be stepping down later this year—and North American Reliability Corporation (“NERC”) CEO and President James Robb. Both took turns addressing the most pressing issues in energy. … More

Is Your Company’s Board of Directors Cyber Savvy?

Every company should expect that at some point it will experience a data breach. Whether as a result of hackers, disgruntled employees, or careless acts such as losing an unencrypted phone or laptop, data breaches may subject companies to liability and must be handled with speed and great care. What are the responsibilities of directors in preventing and addressing data breaches?

Without a doubt, directors must be generally aware of the data security risks facing the company and ensure that the company is prepared to manage those risks appropriately and has an incident response plan for a data breach.… More

Minimizing Litigation Risk: What Cybersecurity Auditors Can Learn From Their Financial Statement Auditor Analogues

Data breaches – always critically important to those with responsibility for storing, transporting and protecting electronic information – have become an all-consuming topic of late. Stories about data theft dominate political headlines, boardroom discussions, and family meetings around the dinner table.  They, of course, have also been the subject of government investigations and private litigation.

The current environment is not unlike other moments in our recent past that seemed to have captured the attention of Wall Street,… More

Cyber Insurance: Prevalent But By No Means Ubiquitous

A recent survey from the credit score company FICO has some interesting numbers on the prevalence of cyber insurance in the US.

  • 50% of US companies have no cyber insurance.
  • 74% of US healthcare companies have no cyber insurance.
  • 27% of US companies say they have no future plans to acquire cyber insurance.

Today, you can expect the more traditional types of business insurance,… More