As I noted in a post at the time, on February 21, 2018, the SEC released its cybersecurity disclosure guidance for publicly traded companies. In the following guest post, David Fontaine, CEO of Kroll, Inc. and its parent, Corporate Risk Holdings, and John Reed Stark, President of John Reed Stark Consulting and former Chief of … Continue Reading
As I noted in a post at the time, on February 20, 2018, the SEC issued its guidance for cybersecurity-related disclosures. In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, has pulled together of list of 12 takeaways for corporate … Continue Reading
The astonishing bitcoin bubble may have burst over the last several days. From its intraday peak in December 2017 of $19,783, the price for bitcoin had fallen as of Saturday to $8,524, a decline of over 60%. (Price declines continued on Monday.) Bitcoin’s price has fallen before and it has generally proven to be volatile. … Continue Reading
One of the most interesting and arresting business stories of 2017 has been the astonishing proliferation of initial coin offerings (ICOs), as I discussed in a prior post (here). Readers who have been watching this story develop undoubtedly are aware that things have been moving very quickly recently on the regulatory front with respect to … Continue Reading
Commentators (including me) have long speculated about the possible future direction of data breach-related litigation. There have of course been a number of very high profile data breach-related consumer class action suits, but so far relatively few data breach related D&O lawsuits. Of course, more recently investors filed a securities class action lawsuit involving the high-profile … Continue Reading
The outrage that followed Uber’s revelation that hackers had accessed 57 million passenger and drive records was not about the breach itself. It was about the accompanying disclosure that the company had kept the news of the data breach secret after paying the hackers a ransom. The outrage at these disclosures was not lost on … Continue Reading
Cybersecurity issues are currently at the top of the agenda for corporate boards. In the following guest post, David M. Furbush and David M. Lisi of the Pillsbury law firm review what corporate directors should understand about their companies’ cybersecurity risks and how boards can go about proactively participating in decisions about what to do … Continue Reading
Anyone who reads the business pages these days has to be aware that there has been a surge of interest and activity involving cryptocurrencies, and in particular involving initial coin offerings (“ICOs”). In third quarter 2017 alone, 105 ICOs raised over $1.3 billion. This level of activity has in turn attracted regulatory scrutiny and even … Continue Reading
Although a number of high-profile data breaches have led to D&O claims, so far the plaintiffs’ track record in these kinds of cases has been poor. However, as a result of a number of recent developments, there may be good reason for corporate directors and officers to be concerned about these kinds of claims going … Continue Reading
The SEC’s disclosure that its EDGAR system had been had hacked was big news last week, as was the accompanying disclosure that the information accessed may have been used for improper trading. In the following guest post, John Reed Stark takes a look at the interesting and important legal issues that might arise if the authorities … Continue Reading
There has been a steady drumbeat of news about high profile data breaches in the past several days, including the news about the Equifax data breach and the disclosure of the breach at the SEC. In the following guest post, John Reed Stark takes a look at these data breaches and their implications. John is … Continue Reading
In the wake of credit monitoring and reporting firm Equifax’s announcement last week that it had sustained a data breach involving 143 million U.S. customers, a wave of consumer class action lawsuits has followed. In addition, the litigation wave now also includes at least one securities class action lawsuit; more securities suits are likely to … Continue Reading
Over the last several days, I have published several posts discussing important insurance developments relating to social engineering fraud, sometimes called payment instruction fraud. In the following guest post, Peter S. Selvin of the TroyGould PC law firm takes a detailed look at one of these recent decisions, the July 2017 decision in the Southern … Continue Reading
As many readers are aware, there have been a number of recent case decisions addressing insurance coverage issues arising out of social engineering fraud, sometimes known as payment instruction fraud. The recent round of judicial decisions includes a ruling by a Canadian court. In the following guest post, Jamieson Halfnight and Anne Juntunen of the … Continue Reading
In the latest decision in which class action consumer data breach claimants have been successful in establishing the requisite standing to pursue their claims, on August 1, 2017, the D.C. Circuit held that the claimants’ risk of future harm is sufficient to meet Article III standing requirements. This decision is the latest in a growing … Continue Reading
Just days after a Southern District of New York judge ruled in the Medidata Solutions decision that the Computer Fraud section of a commercial crime policy covered losses from social engineering fraud (as I discussed in a post last week), a judge in the Eastern District of Michigan has held that a crime policy’s computer … Continue Reading
One of the more vexing threats in the current business environment is the rise of “social engineering fraud” or “payment instruction fraud.” In these schemes scammers using official-seeming email communications induce company employees to transfer company funds to the imposters’ account. Among the many issues involved when these kinds of scams occur is the question … Continue Reading
In the current world, cyber security is critical for every organization. Cyber insurance is an important part of every organization’s cybersecurity program. In the following guest post, a Senior Associate in D’Amato & Lynch, LLP’s Fidelity Bond Practice Group, examines how business can best match their cyber insurance to their cyber security needs. I would … Continue Reading
During the period 2014-2015, several companies –including Home Depot — that had experienced high-profile data breaches were hit with cybersecurity-related D&O lawsuits. All of these lawsuits, including the one against Home Depot, were dismissed. The plaintiffs in the Home Depot case filed an appeal of the dismissal. Now it appears that while the appeal was … Continue Reading
The recent news that Yahoo’s general counsel had resigned following a probe of high-profile data breaches at the company has generated a great deal of discussion and concern. In the following guest post, David Fontaine and John Reed Stark take a look at the circumstances surrounding the resignation and consider the implications of and lessons … Continue Reading
Cybersecurity is one of the most important and challenging issues of our time, one with which many organizations are struggling. In the following guest post, John Doernberg takes a look at the ways we talk about cybersecurity and asks whether the language we use may be part of the problem. John is an Area Vice … Continue Reading
I wouldn’t ordinarily write about the same company or set of circumstances two days in a row, but because of developments following in the wake of the data breaches Yahoo announced last year, the company’s name has come up again. Yesterday, I wrote about the investigation the SEC reportedly is pursuing in connection with Yahoo’s … Continue Reading
Ever since the SEC released its cyber security disclosure guidelines in October 2011, commentators (including me) have been speculating whether the agency might try to nab a company whose disclosure practices the agency might use as sort of a test case on the guidelines’ requirements. It now appears, at least based on media reports, the … Continue Reading
There is little doubt that cybersecurity is one of the most pressing issues in the contemporary corporate, political and economic arena. When, as have seen, cybersecurity has become a critical issue in the U.S. political and electoral processes, it is clear that the consequence and complications associated with cybersecurity have become both acute. Cybersecurity has … Continue Reading
