Will Home Depot be the one to "get it"?

Home Depot Data Breach Shareholder Derivative Suit Against Directors Fails

Will Home Depot be the one to "get it"?Officers and directors of companies that have had data breaches have become targets of litigation through shareholder derivative claims since the consumer class-action claims have had a difficult time making it past the causation of harm threshold. Those officers and directors may now sigh in relief, if only briefly, following a November 30, 2016, ruling by the District Court in the Home Depot Shareholder Derivative Litigation dismissing the shareholders’ claims against the officers and directors. (Court’s Order) Continue reading “Home Depot Data Breach Shareholder Derivative Suit Against Directors Fails”

Cybersecurity Legal Issues: What you really need to know (slides)

Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides from Tuma’s presentation — a video of the presentation will be posted soon!

Continue reading “Cybersecurity Legal Issues: What you really need to know (slides)”

Why Cybersecurity Incidents Are Legal Events

In this video, cybersecurity and data protection attorney Shawn Tuma explains why cybersecurity incidents are as much legal events as they are information technology and business / public relations events.

Continue reading “Why Cybersecurity Incidents Are Legal Events”

4 Ways to Engage Executives in Cyber Risk

The CIO Journal has an informative article, 4 Ways to Engage Executives in Cyber Risk, that discusses a handful of ideas that can be helpful for engaging company executives on the issue of cybersecurity risks. Here are the 4 steps it suggests:

  1. Host a cyber risk heat-mapping session
  2. Establish key risk and performance indicators
  3. Simulate a cyber incident
  4. Scrutinize the security implications of new technologies

All are very good and the article offers a nice explanation for each step.


Shawn Tuma (@shawnetuma) is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, around the world.

Managing Cybersecurity Risks for Boards of Directors

Ethical Boardroom Winter 2016In his latest Ethical Boardroom article, Shawn Tuma explains why it is important for board members to have an active role in their company’s cybersecurity preparation and tells them several key steps they can take to do so. Tuma also explains why cybersecurity is as much a legal issue and business issue as it is an IT issue. Continue reading “Managing Cybersecurity Risks for Boards of Directors”