Archives: Cyber Liability

Subscribe to Cyber Liability RSS Feed

Are GDPR Fines and Penalties Insurable?

When the European Union’s updated General Data Protection Regulation (GDPR) went into effect on May 25, 2018, media reports focused on the potentially massive fines that the regulation authorizes – the regulation authorizes fines of up to €20 million or 4 percent of a company’s annual worldwide revenue, whichever is higher, for noncompliance with the … Continue Reading

Cybersecurity Disclosure Practices and Standards

In February 2018, the SEC updated its cybersecurity disclosure guidelines for reporting companies, emphasizing the importance to investors and markets for prompt and robust disclosure relating to cyber issues. Indeed, in April, the agency brought its first enforcement action relating to cybersecurity enforcement issues. In its recent annual report, the agency’s enforcement division emphasized that … Continue Reading

SEC Warns of Need for Internal Controls to Prevent Cyberscams

The threat of cyberscams in the form of what has been called “social engineering fraud” or “payment instruction fraud” has become pervasive. In these swindles, imposters posing as senior corporate executives or company vendors direct company personnel to transfer funds to accounts that the imposters control. Losses from these frauds can be substantial, and, as … Continue Reading

Guest Post: The Speed of Breaches and Other Bad News in Cybersecurity Incident Response

 For any organization experiencing a data breach, the organization’s response to the incident remains one of the most important and yet one of the most challenging next steps. In the following guest post, Paul Ferrillo, a partner in the New York office of the Greenberg Traurig law firm, examines the ways that an organization can … Continue Reading

6th Circ.: Crime Policy’s Computer Fraud Section Covers Email Scheme Losses

In the second policyholder-favorable federal appellate court decision on the issue in a matter of days, the Sixth Circuit has held that the Computer Fraud provisions of a commercial crime policy cover a company’s losses from an email payment instruction fraud scheme. Just last week, the Second Circuit ruled in the Medidata case that Computer … Continue Reading

Guest Post: Why the Crypto-Enforcement Onslaught by U.S. Regulators Has Just Begun

One of the most significant recent developments in the financial world has been the sudden proliferation of cryptocurrencies. The quick rise of digital currencies seemingly caught regulators by surprise; regulatory action and involvement was slow to develop. But as John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office … Continue Reading

Guest Post: Ten Crypto-Caveats Floyd Mayweather and DJ Khaled Should Have Heard From Their Lawyers

Among the many problems that have come to light in the current cryptocurrency craze have been problems relating to celebrity endorsements for initial coin offerings (ICO). In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, reviews the highest profile examples … Continue Reading

A Multitude of Cryptocurrency Developments

 The astonishing bitcoin bubble may have burst over the last several days. From its intraday peak in December 2017 of $19,783, the price for bitcoin had fallen as of Saturday to $8,524, a decline of over 60%. (Price declines continued on Monday.) Bitcoin’s price has fallen before and it has generally proven to be volatile. … Continue Reading

Guest Post: Which ICOs are Next to Get Caught up in the SEC’s ICO Dragnet?

One of the most interesting and arresting business stories of 2017 has been the astonishing proliferation of initial coin offerings (ICOs), as I discussed in a prior post (here). Readers who have been watching this story develop undoubtedly are aware that things have been moving very quickly recently on the regulatory front with respect to … Continue Reading

Investors File Data Breach-Related Securities Suit Against PayPal

Commentators (including me) have long speculated about the possible future direction of data breach-related litigation. There have of course been a number of very high profile data breach-related consumer class action suits, but so far relatively few data breach related D&O lawsuits. Of course, more recently investors filed a securities class action lawsuit involving the high-profile … Continue Reading

Guest Post: What Corporate Directors Need to Know about Cybersecurity

Cybersecurity issues are currently at the top of the agenda for corporate boards. In the following guest post, David M. Furbush and David M. Lisi of the Pillsbury law firm review what corporate directors should understand about their companies’ cybersecurity risks and how boards can go about proactively participating in decisions about what to do … Continue Reading

Cryptocurrencies and ICOs: Problems and Promise

Anyone who reads the business pages these days has to be aware that there has been a surge of interest and activity involving cryptocurrencies, and in particular involving initial coin offerings (“ICOs”). In third quarter 2017 alone, 105 ICOs raised over $1.3 billion. This level of activity has in turn attracted regulatory scrutiny and even … Continue Reading

Guest Post: Think the SEC EDGAR Data Breach Involved Insider Trading? Think Again.

The SEC’s disclosure that its EDGAR system had been had hacked was big news last week, as was the accompanying disclosure that the information accessed may have been used for improper trading. In the following guest post, John Reed Stark takes a look at the interesting and important legal issues that might arise if the authorities … Continue Reading

Guest Post: Groundbreaking Cyber Insurance Decision

Over the last several days, I have published several posts discussing important insurance developments relating to social engineering fraud, sometimes called payment instruction fraud. In the following guest post, Peter S. Selvin of the TroyGould PC law firm takes a detailed look at one of these recent decisions, the July 2017 decision in the Southern … Continue Reading
LexBlog