Talking About the Global Impact of Cybersecurity, Law, and Business Risk
LawyersWeekly has found that cybersecurity is now one of the top 3 concerns of corporate general counsel. It should probably be the first, given the trend toward finding liability for officers and directors for cybersecurity incidents. See Growing Trend of Officer & Director Liability for Cybersecurity Incidents Here are my key takeaways from the LawyersWeekly article: General counsel’s …
Continue reading “Cybersecurity is a Top Concern for Corporate General Counsel”
Will Officers and Directors be held legally responsible for their companies’ data breaches and cybersecurity incidents? That is the question I addressed in Cybersecurity Risk: Law and Trends – A Director’s Duties Must Evolve With The Company’s, which was recently published in the Spring 2015 issue of Ethical Boardroom (see article below). The article is short …
I really appreciate the #DtSR Gang [Rafal Los (@Wh1t3Rabbit), James Jardine (@JardineSoftware), and Michael Santarcangelo (@Catalyst)] inviting me to tag along for another episode of the Down the Security Rabbit Hole podcast. In this episode we discuss the following: Traveler’s Insurance files suit against a web development company for failing to provide adequate security, resulting …
Continue reading “New Podcast: #DtSR Episode 130 – Where Law and Cyber Collide”
Yesterday Forbes featured an excellent article that explained why it is important for companies to create Board-level committees to focus exclusively on the issue of cybersecurity. Here is just a teaser but I encourage you to read the entire article. Step one for every board is to understand that it is supposed to be offering oversight on …
Continue reading “Boards Had Better Start Paying Attention to Cybersecurity”
Will Home Depot be the one that’s “gonna get it”? Based upon the information we are learning, it could be. Way back in 2011 I wrote Data Breach — Who’s Gonna Get it? and it scared people. For good reason. In that piece I wrote of how one day, in the future, a company would come along that …
Continue reading “Data Breach Judgment: Will Home Depot Be the One to “Get It”?”
The Federal Trade Commission now requires businesses to take the following 3 steps when contracting with data service providers: Investigate. Obligate. Verify. Is your business following these steps? Investigate. Businesses are required to investigate by exercising due diligence before hiring data service providers. Obligate. Businesses are required to obligate their data service providers to adhere …
THE POINT: Recent statements from the SEC indicate that the new standard of care for companies may require policies in place for (1) prevention, detection, and response to cyber attacks and data breaches, (2) IT training focused on security, and (3) vendor access to company systems and vendor due diligence. Do you still think your …
Are statements made by executives of publicly traded companies via social media held to the same standard as statements they make in any other limited environment when it comes to material information about the company? Absolutely, here is why … Just this past week news broke that the Securities and Exchange Commission is considering bringing a …
That’s right — the Securities and Exchange Commission has determined that risks associated with cybersecurity can be material enough to require that they be included in companies’ disclosures. The SEC issued a disclosure guidance on October 13, 2011 to alert companies that these risks may fall within their existing disclosure requirements. In other words, what …
Continue reading “Cybersecurity risk — think its material? (hint: the SEC does!)”
You must be logged in to post a comment.