The disclosure of yet another massive cyber breach at yet another company has become a weekly occurrence. These recurring events have a number of implications, which include not only what companies need to do to try to prevent these kinds of events, but also how companies need to prepare in order to be able to
As Part of White House Cyber Security Initiative, President Proposes Uniform Data Notification Rules
As previously discussed on this blog (refer for example here), over the years there have been a number of different responses from the federal government to the threat of cyberattacks on U.S. companies and infrastructure, but overall the government’s track record on the issue is mixed. However, according to a January 12, 2015 Wall
Guest Post: Changing the Cyber Security Playing Field in 2015
As I have noted in a number of recent posts, there have been a host of significant cyber security developments, including among the Sony Pictures Entertainment hack attack. These developments have a number of important implications for the cyber security arena in the year ahead. In the following guest post, Paul Ferrillo of
Will Investors Sue Over the Sony Hack Attack?
As I noted in my recent rundown of the top D&O stories of 2014, one of the most important developments during the year just finished was the emergence of cyber security as a D&O liability concern. During 2014, plaintiff shareholders launched cyber breach-related derivative lawsuits against the boards of Target and Wyndham (about which refer
That Time the Entire Cyber Security Exposure Narrative Changed
The hack attack on Sony Pictures Entertainment was massive, and it had a devastating effect on the company. As detailed in the December 30, 2014 Wall Street Journal article entitled “Behind the Scenes at Sony as Hacking Crisis Unfolded,” (here), the hackers who attacked Sony’s systems didn’t just pilfer the company’s data —
Up Next: Cyber Insurance Requirements for Banks?
As I noted in a post last week, in a speech earlier this month in which she outlined the steps bank boards can take to address cybersecurity issues, Sarah Raskin, the second-ranking official at the U.S. Department of Treasury, laid out the reasons why banking institutions should be investing in cyber insurance. This speech
Guest Post: Cyber Security: The Importance of a Battle-Tested Incident Response Plan
With all of the high profile data breaches that have taken place in recent months, cyber security is a critical topic at the top of just about everyone’s agenda. In the following guest post, Paul A. Ferrillo of the Weil Gotshal law firm takes a look at the best approach to the cyber security challenge
Guest Post: Cyber Security and Cyber Governance: Federal Regulation and Oversight – Today and Tomorrow
It seems that every day there is yet another story in the business pages about a significant data breach at a major company. Cybersecurity is an increasingly important topic for companies and their shareholders, and the problems with cybersecurity are an increasing concern in Washington as well. In the following guest post Paul A. Ferrillo
Guest Post: The Cloud, Cyber Security and Cloud Cyber Governance: What Every Director Needs to Know
As I have noted frequently on this blog (most recently here), it is becoming increasingly clear that cybersecurity is viewed as a board level issue. At the same time that many boards have taken up the concerns surrounding cybersecurity issues, their companies increasingly are becoming dependent on cloud computing – which potentially could make
What Are the Bad Guys Up to Now? Hacking Health-Care Records, Apparently
As if it were not bad enough that hackers are attacking retail businesses like Target and Neiman Marcus to obtain consumer credit card information, it turns out that the bad guys are also targeting health-care records. According to sources cited in a February 18, 2014 Wall Street Journal report entitled “Nursing Homes Are Exposed to