Category Archives: cybersecurity

House Energy and Commerce Committee Holds Hearing on Security of Internet of Things

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its subcommittees–the Communications and Technology Subcommittee, chaired by Rep. Greg Walden (R-OR), and the Commerce, Manufacturing, and Trade Subcommittee, chaired by …

Read more »

Cybersecurity Due Diligence Is Crucial in All M&A—Including Energy M&A Transactions

Can a single data breach kill or sideline a deal? Perhaps so. Last month Verizon signaled that Yahoo!’s disclosure of a 2014 cyberattack might be a “material” change to its July $4.83 billion takeover bid—which could lead Verizon to renegotiate or even drop the deal entirely. Concern over cybersecurity issues is not unique to technology …

Read more »

Privacy and Data Security in the Trump Administration

Privacy and data security issues were prominent in the campaign. Allegations were even made that Russia was behind the DNC hack. Despite it being front and center in the campaign, cybersecurity did not generate specific policies from the Trump campaign. One thing Donald Trump did promise was a top to bottom review of US cyber …

Read more »

Legal Challenge to EU-US Privacy Shield Framework

As widely expected, the EU-US Privacy Shield is being challenged before the European courts. What is Privacy Shield? In October 2015, the Court of Justice of the European Union (CJEU) ruledthat the European Commission’s decision on adequacy for the Safe Harbor scheme was invalid.  The European Union and the United States agreed a new framework …

Read more »

Cyber Security Awareness Needs To Last Beyond October

The U.S. Department of Homeland Security (DHS) has designed October as National Cyber Security Awareness Month. But as we leave October, remember that data security is an ongoing challenge that requires continued vigilance not just from information system hacking, but also from employee error and other threats. Setting up a comprehensive training and awareness program is …

Read more »

Schnucks Shakes Card Issuer Data Breach Class Action, For Now

A relatively new breed of data breach class action involves financial institutions suing merchants for expenses associated with credit card data breaches. Although merchants may not have contractual privity with the card issuers (and instead may have contractual privity with the credit card brands or payment processors), the financial institutions in these cases claim that …

Read more »

Recent Studies Show Increasing Need For Employee Training in Data Security

Two recent studies show an increasing need for companies to better train their employees in data security to prevent data and monetary loss. On September 7, 2016, Wells Fargo Insurance released a study on cyber security showing some interesting trends in companies with $100 million or more in annual revenue. The second-annual study questioned 100 decision makers …

Read more »

New York Proposes First-Ever Cybersecurity Regulation for Financial Institutions

The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches.  Specifically, the rule would require insurers, banks, and other financial institutions to develop detailed, specific plans for data breaches; to appoint a chief privacy security officer; …

Read more »

Espionage and Export Controls: iPhone Hack Highlights New World of Warfare

Last week, researchers at Citizen Lab uncovered sophisticated new spyware that allowed hackers to take complete control of anyone’s iPhone, turning the phone into a pocket-spy to intercept communications, track movements and harvest personal data. The malicious software, codenamed “Pegasus,” is believed to have been developed by the NSO Group, an Israeli company (whose majority …

Read more »

Why You Need Law Firm Data Breach Response Plan

Hacking was once again prominently in the news when it was announced right before the Democratic National Convention that Democratic Party emails had been compromised. This comes after an incident earlier this year when it was announced that hackers broke into the computer networks at a number of well-known law firms, including Cravath Swaine & …

Read more »