The recent cyber attack on retail giant Marks & Spencer has raised serious concerns about the responsibilities of company directors when it comes to cybersecurity. As the digital landscape evolves, a director’s duty to ensure robust cybersecurity measures cannot be overlooked. This article discusses what directors need to do to fulfil their obligations amidst increasing cyber threats.
Key Points
- The recent cyber attack on Marks & Spencer wiped £500 million off its market value, highlighting the real-world effects of cyber incidents.
- All company directors must comply with their obligations as outlined in the Companies Act 2006, which include exercising reasonable care, skill, and diligence.
- Directors are advised to ensure adequate cybersecurity measures are in place, including emergency response plans for potential breaches.
- The UK Government stresses the importance of prioritising cybersecurity to protect businesses and consumers alike.
- There are defences available for directors against breaches of duty, provided they acted honestly and reasonably.
Why should I read this?
If you’re a director or involved in company management, this article is a wake-up call! It lays out precisely what you need to do to stay compliant and protect your organisation from cyber risks. Don’t wait for an incident to happen; arm yourself with the info on your duties so you can make sure you’re not caught out when the hackers come knocking.