Tag Archives: cybersecurity

Data Breach-Related Securities Suit Filed Against Capital One

In the latest securities class action lawsuit to be filed against a company that has experienced a data breach or other cybersecurity incident, a plaintiff shareholder has filed a securities suit against Capital One in connection with the company’s recent massive data breach. While there have been a number of data breach-related securities suits before, … Continue Reading

Guest Post: Time to Face the Music – Cyber Risk is D&O Risk – And Things Are Getting Worse!

As this blog’s readers know, there have been a number of management liability claims that have been raised against companies that have experienced cybersecurity incidents. In the following guest post by Paul Ferrillo and Chris Veltsos, the authors argue that cyber risk is in fact D&O risk and that the risk is growing. The authors … Continue Reading

Recent Delaware Caremark Duty Decision Underscores Board Cyber and Privacy Liability Risks

Under the Delaware Chancery Court decision in the Caremark case, directors can be liable for failures in their oversight duties – that is, their duties to monitor the company and its functions. Lawsuits alleging a violation of the duty of oversight are notoriously challenging for plaintiffs. However, in the recent Marchand v. Barnhill case, the … Continue Reading

Guest Post: Buckle up Directors: Cybersecurity Risk and Bankruptcy Risk Are Not Mutually Exclusive

In the following guest post, Paul Ferrillo and Christophe Veltsos consider the implications of the recently announced bankruptcy of the corporate parent of a medical billing company following a high-profile date breach at the billing company. Paul is a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice. Chris is a … Continue Reading

Guest Post: Rating Agency Downgrades Following Cyber Breaches — Are They the Canary in the D&O Coal Mine?

In the following guest post, Paul Ferrillo and Chris Veltsos take a look at the latest consequences that companies are now facing following a data breach – a rating agency downgrade. Paul is a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice. Chris is a professor in the Department of … Continue Reading

Guest Post: Cyber Risk Health Factors Case Study — Technology Alone Can’t Fix Security

In the second part of a three part series, Paul Ferrillo and Christophe Veltsos explain how cyber risk assessments can provide value. Paul is a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice. Chris is a professor in the Department of Computer Information Science at Minnesota State University, Mankato where … Continue Reading

Guest Post: The Missing Link of Cybersecurity — Time for a Cyber Risk Check-Up

The threats to data security are substantial. Every organization faces some level of cyber risk. So how do we get better at cybersecurity? That is the question that Paul Ferrillo and Christophe Veltsos ask in the following guest post. Paul is a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice. … Continue Reading

Guest Post: Beat the Clock: 5 Important Steps to Deal with Today’s Complicated Cyber Breach Disclosure World

Cybersecurity threats are on the rise. Companies that find themselves hit with data breaches face a number of challenges, including in particular the challenge of responding to strict breach disclosure and notification requirements. In the following guest post, Paul A. Ferrillo, a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice, … Continue Reading

Guest Post: Ransomeware’s Dirty Little Secret: Most Corporate Victims Pay

As cybersecurity has become an increasingly important consideration for all corporate operations, one of the most pernicious problems has been the rise of so-called “ransomware” attacks – that is, systems breaches in which hackers take control of corporate networks and demand ransom payments as a condition of unlocking the systems. In the following guest post, … Continue Reading

Dismissal Motion Granted in PayPal Data Breach-Related Securities Suit

As I have noted in several recent posts, plaintiffs’ lawyers seem to have a renewed interest in trying to pursue securities class action lawsuits against companies that have experienced a data breach. Just to cite one recent example, as discussed here, within a day of Marriott’s recent high-profile announcement of a data breach involving its … Continue Reading

Guest Post: Cybersecurity and D&O Liability: Emerging Concerns under Indian Law

One of the most closely watched issues in the world of D&O is the extent to which cybersecurity-related issues will lead to liability for corporate directors and officers. In the following guest post, Tarun Krishnakumar, a New Delhi attorney qualified in India and California specializing on issues relating to emerging technology , takes a look at … Continue Reading

SEC Releases Cybersecurity Disclosure Guidance

After a bit of last-minute drama, the SEC on Wednesday issued its guidance for public company cybersecurity disclosures. The Commission’s guidance document emphasizes companies’ disclosure obligations under existing law and requirements. The statement also underscores the Commission’s concerns about insider trading prohibitions and the obligation of reporting companies to refrain from making selective disclosures about … Continue Reading

Guest Post: Cyber Risk: A Board Level View

It is now well known and understood that cybersecurity is a board level issue. This generalization is true not just for companies in the United States but for all companies around the world. In the following guest post, Joel Pridmore, Asia Pacific Underwriting Manager, Specialty, Corporate Insurance Partner, Munich Re Group, Saket Modi, CEO of … Continue Reading

Guest Post: Directors Beware: The EU’s General Data Protection Regulation Is Upon Us!

The European Union General Data Protection Regulation (GDPR) is scheduled to go into effect in May 2018. This directive has significant implications for any company that offers product or services to EU residents. In the following guest post, Keith B. Daniels, Jr., Esq., an attorney and the founder of CyberCounsel, takes a detailed look at … Continue Reading

Guest Post: What Corporate Directors Need to Know about Cybersecurity

Cybersecurity issues are currently at the top of the agenda for corporate boards. In the following guest post, David M. Furbush and David M. Lisi of the Pillsbury law firm review what corporate directors should understand about their companies’ cybersecurity risks and how boards can go about proactively participating in decisions about what to do … Continue Reading
LexBlog