Shearman & Sterling LLP multinational law firm headquartered in New York City, United States.

data privacy, cloud, circuit board

Feb 20, 2018

Shearman & Sterling Lawyers Co-Author Two-Part Series on Board’s Shifting Role in Cyber


Jump to...


As large-scale data breaches become regular occurrences and new regulations are implemented, shareholder derivative suits are increasingly being used by investors seeking to be made whole after data breaches. Boards of directors need to take note and understand the increasing costs and risks these suits pose. In a two-part article series for the Cybersecurity Law Report, associates Marc Elzweig (Menlo Park-Privacy & Data Protection) and David Lee (New York Corporate Group) review the evolving understanding of the board of directors’ responsibility for cybersecurity and consider recent shareholder derivative suits filed in the wake of data breaches as case studies in Part one.  Part two draws on the recent cases and identifies five lessons that boards may learn from these suits – lessons that are applicable to companies seeking to assess litigation risks related to data breaches and that also provide a practical starting point for managing cybersecurity risks in general.

Read part one of the article.
Read part two of the article.

Authors and Contributors

Marc Elzweig


Intellectual Property Transactions

+1 650 838 3815

+1 650 838 3815

Menlo Park