CSL CSL Corporate Liability & Risk Management

Question 1

Under which legal theory can a corporation be held liable for cybersecurity failures of its officers if those failures resulted in harm to shareholders?

Accepted Answer

Breach of fiduciary duty

Answer

Respondeat superior

Answer

Negligence per se

Answer

Strict liability

Question 2

What is the primary legal standard that protects corporate directors from personal liability for good-faith cybersecurity decisions that later prove wrong?

Accepted Answer

Business judgment rule

Answer

Duty of loyalty exception

Answer

Safe harbor provision

Answer

Best efforts standard

Question 3

The SEC's 2023 cybersecurity disclosure rules require public companies to disclose material cybersecurity incidents within how many business days of determining materiality?

Accepted Answer

4 business days

Answer

2 business days

Answer

10 business days

Answer

30 calendar days

Question 4

Under FTC Act Section 5, what cybersecurity standard are companies held to when they fail to protect consumer data?

Accepted Answer

Unfair or deceptive trade practices standard

Answer

Strict liability for all data breaches

Answer

Negligence per se based on NIST standards

Answer

Reasonable care under common law

Question 5

Which legal doctrine can hold a parent company liable for cybersecurity failures of its subsidiary?

Accepted Answer

Both A and B depending on facts

Answer

Piercing the corporate veil

Answer

Respondeat superior

Answer

Neither, subsidiaries are always separate

Question 6

What is the legal term for the obligation of companies to have a documented process for identifying, assessing, and managing cybersecurity risks?

Accepted Answer

Reasonable security obligation

Answer

Due diligence

Answer

Duty of care

Answer

Cybersecurity governance