Tag Archives: cybersecurity

SEC Releases Cybersecurity Disclosure Guidance

After a bit of last-minute drama, the SEC on Wednesday issued its guidance for public company cybersecurity disclosures. The Commission’s guidance document emphasizes companies’ disclosure obligations under existing law and requirements. The statement also underscores the Commission’s concerns about insider trading prohibitions and the obligation of reporting companies to refrain from making selective disclosures about … Continue Reading

Guest Post: Cyber Risk: A Board Level View

It is now well known and understood that cybersecurity is a board level issue. This generalization is true not just for companies in the United States but for all companies around the world. In the following guest post, Joel Pridmore, Asia Pacific Underwriting Manager, Specialty, Corporate Insurance Partner, Munich Re Group, Saket Modi, CEO of … Continue Reading

Guest Post: Directors Beware: The EU’s General Data Protection Regulation Is Upon Us!

The European Union General Data Protection Regulation (GDPR) is scheduled to go into effect in May 2018. This directive has significant implications for any company that offers product or services to EU residents. In the following guest post, Keith B. Daniels, Jr., Esq., an attorney and the founder of CyberCounsel, takes a detailed look at … Continue Reading

Guest Post: What Corporate Directors Need to Know about Cybersecurity

Cybersecurity issues are currently at the top of the agenda for corporate boards. In the following guest post, David M. Furbush and David M. Lisi of the Pillsbury law firm review what corporate directors should understand about their companies’ cybersecurity risks and how boards can go about proactively participating in decisions about what to do … Continue Reading

Now Trending: Cybersecurity and Climate Change Disclosure Practices

One of the fundamental principles on which our system of securities regulation is based is the importance of disclosure. The system is built on the notion that companies must disclose certain basic information about their operations and performance so that investors can make informed investment decisions. While the disclosures required are a matter of regulation … Continue Reading

Home Depot Settles Data Breach-Related Derivative Lawsuit

During the period 2014-2015, several companies –including Home Depot — that had experienced high-profile data breaches were hit with cybersecurity-related D&O lawsuits. All of these lawsuits, including the one against Home Depot, were dismissed. The plaintiffs in the Home Depot case filed an appeal of the dismissal. Now it appears that while the appeal was … Continue Reading

Guest Post: Three Cybersecurity Lessons From Yahoo’s Legal Department Woes

The recent news that Yahoo’s general counsel had resigned following a probe of high-profile data breaches at the company has generated a great deal of discussion and concern. In the following guest post, David Fontaine and John Reed Stark take a look at the circumstances surrounding the resignation and consider the implications of and lessons … Continue Reading

Book Review: “Take Back Control of Your Cybersecurity Now”

There is little doubt that cybersecurity is one of the most pressing issues in the contemporary corporate, political and economic arena. When, as have seen, cybersecurity has become a critical issue in the U.S. political and electoral processes, it is clear that the consequence and complications associated with cybersecurity have become both acute. Cybersecurity has … Continue Reading

FTC Holds Private Information Disclosure In and Of Itself Sufficient Injury to Support Unfair Practices Claim

One of the recurring issues that has arisen as claimants and regulators have pursued cybersecurity-related claims against companies that have experienced a data breach is the question of what type or quantum of claimed injury is sufficient to sustain a claim. This issue has recurred in consumer cybersecurity-related damages actions and it has also arisen … Continue Reading

Target Corporation Cybersecurity-Related Derivative Litigation Dismissed

For some time now, many commentators, including me, have been predicting that cybersecurity-related litigation could become an important part of the D&O litigation environment. And that may yet happen. For now, however, the results in the recent cybersecurity-related cases have been, from the plaintiffs’ perspective, not particularly promising. On July 7, 2016, in the latest … Continue Reading

Guest Post: Law Firms and Cybersecurity: A Comprehensive Guide for Law Firm Executive Committees

There have been several very high profile news reports of significant law firm data breaches. It is not a mere coincidence that law firms increasingly are targeted in data breach attacks. Law firms have a trove of information that makes them highly attractive to cybercriminals. In the following guest post, John Reed Stark takes a look … Continue Reading

Guest Post: Boards of Directors and Cybersecurity: Applying Lessons Learned From 70 Years of Financial Reporting Oversight

In this day and age, the members of the boards of directors of most companies understand that cybersecurity issues are both important and should be a board-level priority. But while these issues and responsibilities are now well-recognized, many boards still struggle to translate these issues into action. In the following guest post from John Reed … Continue Reading

Senate Bill Would Require Disclosure Concerning Corporate Boards’ Cybersecurity Expertise

It is not news that cybersecurity is a serious corporate and domestic security concern. But despite continuing revelations of high-profile data breaches, cybersecurity is an area (OK, one of the many areas) where Congress has been slow to act. While there is still as yet no comprehensive Congressional attempt to tackle cybersecurity as an issue … Continue Reading
LexBlog