Cyberspace has upended the way we interact and most of us are constantly hooked to it, creating value, and doing many other things. More people with their computers and a multitude of other devices are present in cyberspace, increasing both the size and diversity of the web, enhancing as well as novel cyber risks for users.
Numerous policies and regulatory measures have been proposed and also adopted lately to advance the security of users, through data protection as well as in the areas of financial services, maritime, aviation, medical devices and electronic communications.
Directors and company officers also face risks of personal claims for negligence or breach of fiduciary duty here. In the US, direct legal action has been taken against company directors, due to a cybersecurity breach. In the EU, the NIS2 directive also mandates management bodies of relevant organisations to review cybersecurity risk-management measures being implemented, oversee their implementation, and make them personally liable for failures with respect to the implementation of cybersecurity risk-management measures.
From a data protection perspective, the responsibilities of the data controllers…
