Come explore security liability questions your board is thinking about. When is a company negligent in its processes for securing sensitive data? What constitutes reasonable efforts to address vulnerabilities in software and other components in its digital infrastructure? Should companies be held liable for not finding a common and easily-found vulnerability such as SQL Injection? Should businesses be held liable for failing to patch widely-known vulnerabilities such as Heartbleed?