“Within four years, the majority of CEOs will be held personally responsible for cyberattacks that lead to injury and other physical damage.”

https://www.itproportal.com/news/ceos-could-soon-be-personally-liable-for-cyberattacks/