The following post was originally included as part of our recently published memorandum “Selected Issues for Boards of Directors in 2022”.

A 2021 survey of chief legal officers demonstrated that cybersecurity has overtaken compliance as the most significant legal risk that businesses face today. This should not come as a surprise as 2021 brought a series of high-profile cyberattacks on major companies and U.S. infrastructure targets. Regulators also brought a number of cybersecurity enforcement actions, and announced new rules, guidance and initiatives on ransomware and other cyber-related issues. In addition, after many years of debate, Congress has made some progress in crafting legislation that would require certain companies to report significant cyberattacks and ransomware payments to the U.S. federal government.

To read the full post, please click here.

For a PDF of the full memorandum, please click here.