FTC Lessons Learned: Corporate Board Oversight
Privacy, Cyber & AI Decoded Alert | 1 min read
May 6, 2021
The Business Alert
On April 28, 2021, the FTC issued a business alert reminding corporate boards to make data security a priority and to advocate implementing a top-down approach to the issue. The alert warns: “In addition to the significant costs to consumers, data breaches, network intrusions, and looming cyber threats can open up a firm to substantial financial costs, reputational hits, and legal liability.” The Business Alert suggests that data security begins with corporate Board of Directors instead of the IT Department.
The Recommendations
FTC staff offered five “common-sense recommendations for conscientious directors.”
- Make data security a priority. This includes building a team of stakeholders from across the organization and holding regular security briefings.
- Understand cybersecurity risks and challenges facing the company. Board members should set priorities and allocate necessary resources.
- Don’t confuse legal compliance with security. The alert cautioned against adopting a “check the box” approach in favor of a security program that is narrowly tailored to the company’s unique circumstances.
- It’s more than just prevention. An effective security program should be enhanced with a “robust incident response plan.”
- Learn from mistakes, both internally and externally.
The Takeaways
The FTC staff recommendation that board members “talk the talk and walk the walk” is the key takeaway. This effort includes having tough conversations like:
- What kind of data are we keeping and why? And where are we keeping it?
- Are our policies and procedures adequate to protect our data?
- Are our actual security practices in line with our policies and our public-facing statements?
- Are our security investments and expenditures in line with our security risks and threats?
Related Capabilities
Featured Insights
Privacy, Cyber & AI Decoded Alert
May 21, 2026
Deploying AI Companions in Elder Care: A Privacy Compliance Playbook
Press Release
May 20, 2026
Hinshaw Releases America 250 Book Exploring Insurance's Role in Building the United States
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 19, 2026
OCC's Final Escrow-Interest Preemption Rules Bolster the Second Circuit’s Cantero Decision
Privacy, Cyber & AI Decoded Alert
May 21, 2026
Deploying AI Companions in Elder Care: A Privacy Compliance Playbook
Press Release
May 20, 2026
Hinshaw Releases America 250 Book Exploring Insurance's Role in Building the United States
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 19, 2026
OCC's Final Escrow-Interest Preemption Rules Bolster the Second Circuit’s Cantero Decision
Webinar
May 19, 2026
Scott Seaman Speaks on Making Decisions in Difficult Risk Environments
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 14, 2026
Key Takeaways from the 2026 MBA Legal Issues and Regulatory Compliance Conference
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 14, 2026
SCOTUS Confirms: Federal Courts Retain Power to Affirm or Vacate an Arbitration Decision
Event
May 14-15, 2026
In The News
May 13, 2026
Hinshaw Contributes Chapters to “Wrongful-Death and Survival Actions” IICLE Handbook
In The News
May 12, 2026
Hinshaw GC Steve Puiszis Discusses Protecting Attorney-Client Privilege in an AI Age
Event
May 12-13, 2026
Mitchel Chargo Speaks on the Rapidly Evolving Cannabis Industry
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 11, 2026
Tennessee Reaches Settlement with Mariner in Multistate UDAAP Enforcement Action
Press Release
May 11, 2026
Ali Degan Elected to the Fellows of the American Bar Foundation
