Tag: cybersecurity

1
Cracking the Code: Cybersecurity for Tomorrow
2
Proactive Protection of Consumers or Premature Penalty? Consumer Financial Protection Bureau Bucks the Trend in Data Security Breach Cases
3
Cybersecurity: The Obama Administration Proposes Legislation Proposals Would Standardize Breach Notification Requirements, Enhance Cybersecurity-Related Information Sharing, and Toughen Cybercrime Prosecution
4
Cybersecurity Lessons Learned From the FTC’s Enforcement History
5
What You Need to Know about Defending Cyber Related Class Action Litigations
6
Developments in Cybersecurity Law Governing the Investment Industry
7
New Cybersecurity Executive Order to Impact Financial Services Sector

Cracking the Code: Cybersecurity for Tomorrow

Please join K&L Gates and Carnegie Mellon University for a complimentary one-day program focusing on the prevention of, response to and investigation of cyber threats.

Date/time: Thursday, November 10, 8:00 am – 5:15 pm

Location: This event will be presented live at K&L Gates Pittsburgh and video broadcast to K&L Gates offices in Boston, Charleston, Charlotte, Harrisburg, Newark, New York, Raleigh, Research Triangle Park, and Washington, D.C.

Click here for more information and registration details.

Proactive Protection of Consumers or Premature Penalty? Consumer Financial Protection Bureau Bucks the Trend in Data Security Breach Cases

By: R. Bruce AllensworthRyan M. TosiLindsay S. Bishop

Data breaches and cybersecurity attacks appear to be growing in frequency. Despite the increase in the number of such attacks, plaintiffs have found it difficult to establish a legal foothold for data breach claims, as federal courts across the country have routinely dismissed data breach claims brought by private litigants where no cognizable harm has been alleged. The Consumer Financial Protection Bureau (“CFPB”), however, now appears poised to enforce regulations regarding the protection of private consumer information, including holding companies accountable — even without any data breach or misuse of private consumer information.

To read the full alert, click here.

Cybersecurity: The Obama Administration Proposes Legislation Proposals Would Standardize Breach Notification Requirements, Enhance Cybersecurity-Related Information Sharing, and Toughen Cybercrime Prosecution

By: R. Paul Stimers, András P. Teleki, Bruce J. Heiman, Michael J. O’Neil

On January 13, 2015, in response to the continuing onslaught of cyber attacks, including the recent cybersecurity attack and data loss at Sony Pictures Entertainment, the Obama Administration sent to Congress three legislative proposals to improve cybersecurity. The proposals would:

  • Establish a single federal breach notification standard preempting a patchwork of state notification laws;
  • Encourage cyber threat information sharing within the private sector and between the private sector and the federal government; and
  • Enhance law enforcement’s ability to investigate and prosecute cyber crimes.

The President has been highlighting the cybersecurity proposals in a series of speeches leading up to the State of the Union Address.

To read the full alert, click here.

Cybersecurity Lessons Learned From the FTC’s Enforcement History

By: Soyong Cho, Andrew L. Caplan

In 2014, cybersecurity and data breach incidents regularly made the headlines, with the reported breaches becoming increasingly large and complex. As in the past, these data breaches have inevitably been followed by a flurry of class actions and government investigations. But amid this flurry of activity, one federal regulator in particular, the Federal Trade Commission (the “FTC” or “Commission”), has unquestionably been the most prominent and active cybersecurity enforcer.

To read the full alert, click here.

What You Need to Know about Defending Cyber Related Class Action Litigations

15 January 2015
3:00 – 4:30 pm EST
Complimentary Webinar

Please join us for a complimentary program on defending cyber related class action litigation. The program will include an in-depth discussion, followed by a Q&A session, on recent developments involving cybersecurity class actions. Our knowledgeable panel will cover a range of issues including:

  • Coordinating with data breach response team
  • Theories of injury raised by consumers and credit institutions in response to data breaches
  • Statutory and common law causes of action typically pleaded
  • Approaches to defending claims and opposing class certification
  • Lessons learned from past data breach class actions
  • Insurance coverage considerations
  • Other emerging issues

Read More

Developments in Cybersecurity Law Governing the Investment Industry

By: Luke T. Cadigan, Sean P. Mahoney

The Investment Lawyer, Vol.21, No. 8, August 2014
Reprinted with Permission

Regulatory focus on cybersecurity is intensifying. Unlike other compliance matters, the deterrent effect of enforcement actions following data security breaches may be insufficient to achieve regulators’ purpose of ensuring that technology platforms are secure before an event occurs. Thus, in the area of cybersecurity, regulators appear to be shunning granular, prescriptive rules and instead insisting upon more holistic management of cybersecurity risk. Read More

New Cybersecurity Executive Order to Impact Financial Services Sector

By: David A. Tallman , Michael A. Cumming

On February 12, 2013, President Obama signed an executive order (“Order”) aimed at enhancing the cybersecurity of the nation’s “critical infrastructure” (generally defined as those “systems and assets” whose incapacity “would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters”). An accompanying policy directive designates the financial services sector as one of sixteen “critical infrastructure sectors” and, among other things, directs the Commerce Department’s National Institute of Standards and Technology (“NIST”) to collaborate with industry representatives in order to create a voluntary “cybersecurity framework.” The framework must be “technology neutral” and focused on “cross-sector security standards and guidelines applicable to critical infrastructure.” Read More

Copyright © 2018, K&L Gates LLP. All Rights Reserved.