The Board of Directors’ Duty of Oversight and Cybersecurity
Over the last several years, cyberattacks, including from foreign state actors, have affected thousands of companies and government agencies. Past corporate victims include Yahoo!, Home Depot, and LinkedIn. And the real world consequences of a cyberattack became vivid to the Americans public in May 2021, when the operator of the Colonial Pipeline was compromised. As a consequence of the attack, the pipeline, which provides roughly 45 percent of the gasoline and other types of fuel for the East Coast, had to be shut down for six days. The stoppage precipitated a run on gasoline along parts of the East Coast and left thousands of gas stations without fuel.1
This article originally appeared in The CLS Blue Sky Blog - Columbia Law School's Blog on Corporations and The Capital Markets. Eduardo Gallardo is on the advisory board and a regular contributor.