President Trump signed today a long-awaited Executive Order on Cybersecurity. I think it is mostly a non-event. There are some helpful provisions, including a requirement that government agencies implement the NIST Framework. Otherwise, it requires a series of executive reports on cybersecurity preparedness, generally within 90 days of the Order. As others have noted, those […]
Introduction Trade secrets are important to cybersecurity because many data breaches involve trade secret theft. The Defend Trade Secrets Act of 2016 (DTSA) amended the Espionage Act of 1996 to provide a federal private right of action for trade secret misappropriation. Some commentators opposed the DTSA in part because it seems redundant in light of state trade […]
Cybersecurity is an overwhelming problem – so overwhelming that it seems impossible to address. From the legal and compliance perspective, the problem is compounded by a lack of clear regulatory rules or judicial precedent about what kinds of measures might be sufficient to mitigate the risk of liability for a data breach or other cybersecurity […]
Here are the slides for my presentation on cybersecurity and the economic loss doctrine at the NJICLE 2016 Cybersecurity Conference.
Here are the slides for my presentation on law firms and cybersecurity at the NJICLE 2016 Cybersecurity Conference.
Here are my slides for the “Think Like a Lawyer Talk Like a Geek” PLI Presentation tomorrow.
The FTC’s enforcement action against LabMD has been stayed in an unusual grant of emergent relief by the Eleventh Circuit. The FTC’s Opinion in LabMD essentially established a negligence balancing test for cybersecurity compliance. A negligence balancing test requires a rough evaluation of the burden of avoiding a risk (B) compared to the probability of […]
The FTC has issued a new data breach response guide for businesses. There is a good amount of useful information in the guide, particularly in the steps to take immediately upon learning of a data breach. In particular, the steps to secure affected operations are important, including assembling a forensic and legal team, securing physical […]
“Ransomware” is malicious software that enables attackers to hold computer data or a computer network hostage until a ransom is paid. Ransomware often encrypts all the files on a system, making them unusable until the attacker supplies an encryption key. An FBI Alert issued last week stated that ransomware infections are at an “all-time high.” […]
Microsoft is waging a multi-front legal war over control of the “cloud.” The Second Circuit recently handed Microsoft a battlefield victory in a case captioned In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corporation, — F.3d —, 2016 WL 3770056 (2nd Cir. 2016). The case concerns […]