The increased digitalization of business activities has significantly exposed companies to data and information abuse risks, making their protection a central matter in corporate security. This paper examines the relationship between corporate security and corporate law, focusing on the legal obligations of organizations in protecting data and information. In the first part of the paper, the corporate security in the digital environment is analyzed, highlighting the increased risks for abuse of the digital data and information. Furthermore, the paper examines the role of corporate law in defining the duties of the board of directors in data and information protection and their liability in case of cyber incidents. The paper also examines data and information protection as a corporate law obligation by highlighting how corporate law provides a framework for the implementation of data protection and cybersecurity laws within organizations. The paper concludes that adequate protection of data and information can be achieved only with the integration of corporate security measures into corporate governance structures and that acknowledging data and information protection as a corporate law obligation is essential for creating lawful and resilient corporate security systems in a rapidly changing digital environment.
Nikolova-Marković et al. (Wed,) studied this question.