CEOs could soon be personally liable for cyberattacks
Within four years, the majority of CEOs will be held personally responsible for cyberattacks that lead to injury and other physical damage.
This is according to a new report from Gartner, which asserts that liability for cyber-physical security incidents will “pierce the corporate veil to personal liability” for 75 percent of CEOs by 2024. Cyber-physical systems (CPS) are described as digital systems that interact with the physical world, such as IoT devices or operational technologies (OT).
“Regulators and governments will react promptly to an increase in serious incidents resulting from failure to secure CPSs, drastically increasing rules and regulations governing them,” said Katell Thielemann, Research Vice President at Gartner. “In the US, the FBI, NSA and Cybersecurity and Infrastructure Security Agency (CISA) have already increased the frequency and details provided around threats to critical infrastructure-related systems, most of which are owned by private industry. Soon, CEOs won’t be able to plead ignorance or retreat behind insurance policies.”