Obligations under corporations’ law
There are various obligations under corporations law that may arise in the context of cybersecurity and data breaches. Directors and officers have a duty of care and diligence which extends to understanding their company's cybersecurity strategy and obligations under privacy law. In addition, listed entities have a continuous disclosure obligation to inform the market if a data breach may have a material effect on the price or value of their shares. Obligations will vary depending on the type of entity involved in a data breach.