Randal Milch and Zachary K. Goldman
Corporations seeking to manage the asymmetric cyber threat environment face a range of pressures. T e current unstable legal landscape makes management’s day-to-day approach to the persistent and mounting challenge all the more difficult. Companies face an increase in activity by the plaintiffs’ bar and inconsistent regulatory attention by the various government agencies involved in cybersecurity. Amidst this uncertainty, however, the obligations of boards of directors in the management of corporate risks—including cyber risks—remain clear.