Cybersecurity Litigation Review

This blog post was submitted in dialogue with the recent PLUS webinar “Cyber Risk is a D&O Risk.” You can view the recording of this webinar and past free webinars on the PLUS website here.

If you have blog content you’d be interested in submitting, please reach out to Katie Campbell at kcampbell@plusweb.org.

John Cheffers was hired to be a Director of Research for Watchdog Research in 2019 and creates content that is featured on the company blog.  He obtained his J.D. from Ave Maria School of Law in Naples Florida in 2019, where he was a member of the Law Review and graduated magna cum laude. Prior to that he worked for Audit Analytics as a Research Analyst.

Cybersecurity has gone from a niche concern to a hot topic in the D&O insurance world.  On September 23rd, this week, PLUS hosted a webinar on how companies can strategically handle cybersecurity concerns.  The speakers offered tremendous perspective on this dynamic and growing area, and we encourage everyone to listen to their fascinating conversation.

We are an independent research provider that uses an extensive database of public information to create easy-to-use reports for over 4,500 publicly traded companies.  Since we track cybersecurity incidents and all material litigation for public companies, we thought we could use this as an opportunity to provide a little color to the important discussions concerning cybersecurity.

Overview

We began by looking at incidents that occurred at companies listed on the NYSE and Nasdaq over the past ten years, and the growth rate of cybersecurity incidents is alarming: 

*The graphs and tables in this post were created by Joseph Burke, PhD, and derived the Audit Analytics database.

In 2010, only 0.1 % of companies reported a cybersecurity incident. In 2019, 2.2% of companies reported a cybersecurity incident. The growth of cybersecurity incidents over the past five years has been incredible and it is not clear when it will slow down. 

Another interesting facet is that the risk of a cybersecurity incident is much higher at a large company that it would be at a small company. Attacks on large companies are driving much of the growth in these numbers.

Cybersecurity Security Class Actions

A cyberbreach at a company creates all sorts of problems, including litigation. We identified all the security class action suits that were brought over cybersecurity issues and calculated the likelihood of being named in one of those suits. Unsurprisingly, the last ten years has shown significant growth in the risk of being named in a cybersecurity related lawsuit.

It is important to note that these percentages are for all companies.  Large cap companies have a significantly probability than is represented in the graph because they are both more likely to be the victim of a cybersecurity incident and are generally more likely to have a securities class action suit filed against them.  

Cybersecurity as a Leading and Covariate Indicator

Two of our researchers, Joseph Burke PhD and Joseph Yarbrough PhD, wrote a research paper calculating when particular flags from our reports were associated with an increased risk of securities class action litigation for 2014-2018. Companies with a cybersecurity incident were almost three times as likely to get named in a securities class action lawsuit the year that the incident occurred.

Additionally, cybersecurity incidents were one of the six leading indicators of securities class action suits.  An event is considered a leading indicator of litigation if the occurrence of that event is associated with an increased risk of litigation for the following year. 

Conclusion

The chance of being involved in a cybersecurity securities class action lawsuit is still relatively low, but it is increasing rapidly. Additionally, the risk profile is far higher for large companies, which are more likely to be a victim of a cybersecurity incident and more likely to get named in a securities class action lawsuit. 

If company boards wish to prevent having their company victimized twice (by hackers and by lawyers), then they need to make wise and strategic decisions to confront this growing threat.

D&O Perspectives on Coronavirus: Part 4

Join Kevin LaCroix, Carl Metzger, and Rob Yellen for Part 4 of their discussion on D&O Perspectives on Coronavirus. These speakers continue to look at possible effects of COVID-19 from a variety of D&O perspectives. This recording is part of the ongoing PLUS series PL Perspectives on Coronavirus—past recordings are here on the PLUS Blog, and stay tuned for more discussions to be posted in the coming weeks.

Listen here to D&O Perspectives on Coronavirus, Part 4:

Speakers:

KevinLaCroix2019Kevin LaCroix, Executive Vice President at RT ProExec

Kevin LaCroix is an Executive Vice President at RT ProExec, Beachwood, Ohio, a division of R-T Specialty, LLC. RT ProExec is an insurance intermediary focused exclusively on management liability issues. Kevin is also the author of the Internet weblog, The D&O Diary, which the New York Times called “influential” and the Wall Street Journal described as “widely followed.” Kevin has been involved in directors’ and officers’ liability insurance issues for more than 35 years.

Metzger_E_CarlCarl Metzger, Partner and Chair of Risk Management & Insurance at Goodwin Proctor

Carl Metzger is a partner in Goodwin’s Financial Industry and Business Litigation practices and Chair of the firm’s Risk Management & Insurance practice and Chair of the firm’s Partnership Committee. His clients include both public and private companies, major insurance carriers and brokerages, private equity and venture capital firms and non-profit and educational institutions. 

Rob YellenRob Yellen, Executive Vice President, D&O and Fiduciary Liability Product Leader, FINEX at Willis Towers Watson

With over 28 years of Financial Lines industry experience, Rob Yellen is a respected leader in the management and professional liability space. He currently works with Willis Towers Watson, FINEX NA brokers and claims advocates to identify and track developments in risk, coverage and markets, and with our business partners to develop innovative, best-in-class strategies and solutions. Rob joined Willis Towers Watson in 2015 from AIG where, during his 14-year tenure, he served in several key leadership roles–including Chief Underwriting Officer, Financial Lines, U.S. and Canada and, most recently, Head of Product Development for Financial Lines–globally and for the Americas Region.

D&O Perspectives on Coronavirus: Part 3

Join Kevin LaCroix, Carl Metzger, and Rob Yellen for Part 3 of their discussion on D&O Perspectives on Coronavirus. These speakers continue to look at possible effects of COVID-19 from a variety of D&O perspectives. This recording is part of the ongoing PLUS series PL Perspectives on Coronavirus—past recordings are here on the PLUS Blog, and stay tuned for more discussions to be posted in the coming weeks.

Listen here to D&O Perspectives on Coronavirus, Part 3:

Speakers:

KevinLaCroix2019Kevin LaCroix, Executive Vice President at RT ProExec

Kevin LaCroix is an Executive Vice President at RT ProExec, Beachwood, Ohio, a division of R-T Specialty, LLC. RT ProExec is an insurance intermediary focused exclusively on management liability issues. Kevin is also the author of the Internet weblog, The D&O Diary, which the New York Times called “influential” and the Wall Street Journal described as “widely followed.” Kevin has been involved in directors’ and officers’ liability insurance issues for more than 35 years.

Metzger_E_CarlCarl Metzger, Partner and Chair of Risk Management & Insurance at Goodwin Proctor

Carl Metzger is a partner in Goodwin’s Financial Industry and Business Litigation practices and Chair of the firm’s Risk Management & Insurance practice and Chair of the firm’s Partnership Committee. His clients include both public and private companies, major insurance carriers and brokerages, private equity and venture capital firms and non-profit and educational institutions. 

Rob YellenRob Yellen, Executive Vice President, D&O and Fiduciary Liability Product Leader, FINEX at Willis Towers Watson

With over 28 years of Financial Lines industry experience, Rob Yellen is a respected leader in the management and professional liability space. He currently works with Willis Towers Watson, FINEX NA brokers and claims advocates to identify and track developments in risk, coverage and markets, and with our business partners to develop innovative, best-in-class strategies and solutions. Rob joined Willis Towers Watson in 2015 from AIG where, during his 14-year tenure, he served in several key leadership roles–including Chief Underwriting Officer, Financial Lines, U.S. and Canada and, most recently, Head of Product Development for Financial Lines–globally and for the Americas Region.