Do not miss this podcast discussing key cybersecurity legal events from 2015. Shawn Tuma joined the DtSR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] on the Down the Security Rabbit Hole podcast.
In this episode…
- Most important cybersecurity-related legal developments of 2015
- Tectonic Shift that occurred with “standing” in consumer data breach claims
- Discussion of law prior to Neiman Marcus case, and post-Neiman Marcus
- Does this now apply to all consumer data breach cases?
- Immediate impact? Companies now liable?
- Lesson is in seeing the trend and how incrementalism works
- Michaels & SuperValu case dismissals in light of Neiman Marcus
- Tectonic Shift that occurred with “standing” in consumer data breach claims
- Regulatory Trends
- FTC & SEC gave hints in 2014, post-emergence of Target details
- Wyndham challenged authority – came to fruition in August 2015
- SEC not far behind – significant case in September 2015
- Aggressiveness of FTC is substantial – FTC v. LabMD … all over LimeWire
- Officer & Director Liability
- 2014 – SEC Comm. fired the warning shot … pointed the finger
- Shareholder derivative litigation
- Individual liability of IT / Compliance / Privacy “officers”
- Anticipated 2016 Legal Trends
- Regulatory enforcement … which, by the way, is why NIST is becoming default
- Shareholder Derivative – much more likely than consumer class actions at this time
- Lessons from both of these: when you need to persuade the “money folks” that they need to act, mention D&O Liability (especially Caremark) and Regulatory focus on individuals … now they’re in the cross-hairs
- Realization that cybersecurity is more of a legal issue than anything else (IT or business) b/c it is the legal requirements and consequences that ultimately drive everything
Go HERE to listen to the Podcast!
Leave a comment