LexisNexis® Legal Newsroom
Assessing U.S. Public Company Cyber Risk Disclosure Practices

It has been nearly two years since the SEC Division of Corporate Finance issued its Disclosure Guidance on cybersecurity risks. During this period reporting companies have had the opportunity to incorporate disclosures in their reporting documents about the cybersecurity risks they face. To develop a...

Cybersecurity Disclosure Under Scrutiny

The threat of a cybersecurity breach is unfortunately one of the ongoing business risks companies face in the current operating environment. For that reason, corporate disclosures of cyber-breach related risks have been a priority of the SEC’s Division of Corporate Finance as well as the agency’s...

What Are the Bad Guys Up to Now? Hacking Health-Care Records, Apparently

As if it were not bad enough that hackers are attacking retail businesses like Target and Neiman Marcus to obtain consumer credit card information, it turns out that the bad guys are also targeting health-care records. According to sources cited in a February 18, 2014 Wall Street Journal report entitled...

What to Watch in the World of D&O

Every year just after Labor Day, I take a step back and survey the most important current trends and developments in the world of Directors’ and Officers’ liability and D&O insurance. This year’s survey is set out below. Once again, there are a host of things worth watching in the...

Dismissal Granted in Cyber Breach-Related Derivative Suit Filed Against Wyndham Officials

Along with the separate derivative lawsuit filed against Target Corporation’s board, the cyber breach-related derivative action filed against Wyndham Worldwide Corporation’s board has been closely watched as representative of a potential new area liability exposure for corporate directors...

Top Treasury Official’s Speech Urges Adoption of Cyber Risk Insurance

Officials across a range of federal regulatory agencies have made it clear that promoting cyber security is an increasing priority. A critical part of the federal officials’ message has been the message that cyber security should be a corporate governance priority for company executives and corporate...

That Time the Entire Cyber Security Exposure Narrative Changed

The hack attack on Sony Pictures Entertainment was massive, and it had a devastating effect on the company. As detailed in the December 30, 2014 Wall Street Journal article entitled “Behind the Scenes at Sony as Hacking Crisis Unfolded,” ( here ), the hackers who attacked Sony’s systems...

As Part of White House Cyber Security Initiative, President Proposes Uniform Data Notification Rules

As previously discussed on this blog (refer for example here ), over the years there have been a number of different responses from the federal government to the threat of cyberattacks on U.S. companies and infrastructure, but overall the government’s track record on the issue is mixed. However...

State Net Capitol Journal: Utah Cyberattacks Up 10,000-Fold

A few years ago, government computer systems in Utah were sustaining 25,000 to 30,000 attempted cyber-attacks a day, which Utah Public Safety Commissioner Keith Squires thought was a lot at the time. But last week Squires told a legislative budget committee that last year there were spikes of 300 million...

Preparing for a Data Breach – What to Know About Breach Notification

by Kelsey S. Farbotko Data breaches are at the forefront of the news, and many companies, including those dominant in the health care industry, have found themselves front and center in the headlines. Although recent news stories have focused their attention on attacks on major, nationwide companies...

Never Tick Off a Redbird

At a press conference today, Satan officially announced that Hell has frozen over. He made this stunning announcement after the New York Times (NYT) reported that the baseball team with the most World Series wins in the history of the National League (NL), the St. Louis Cardinals, had hacked those paragons...

Next Up: A Home Depot Data Breach-Related D&O Lawsuit?

After claimants filed shareholders’ data breach-related derivative suits against the boards of Target ( here ) and Wyndham Worldwide ( here ), a number of commentators (including me) asked whether we could see a wave of cybersecurity related D&O lawsuits. Interestingly, since these two lawsuits...

Taking Control of Cybersecurity: A Practical Guide for Officers and Directors

Major cybersecurity attacks of increased sophistication — and calculated to maximize the reputational and financial damage caused to the corporate targets — are now commonplace. These attacks have catapulted cybersecurity to a top priority for senior executives and board members. To help...

Even Small Businesses Need to Pay Attention to Data Security

by Devin J. Chwastyk When people think about data breaches, corporate giants like Target, Home Depot and Michael’s spring to mind. But even small businesses holding personal information can face costly consequences if a breach occurs. In the past, cases only proceeded in the courts if plaintiffs...

Third Circuit: FTC May Pursue Data Breach Enforcement Action Against Wyndham Worldwide

On August 24, 2015, in a ruling that was much-anticipated because of its potential implications for the regulatory liability exposures of companies that have been hit with data breaches, the Third Circuit affirmed the authority of the Federal Trade Commission to pursue an enforcement action against Wyndham...

When Data Hacks Lead to D&O Lawsuits, Actual and Threatened

Many observers, including even this blog, have speculated whether the rising wave of data breaches and cyber security attacks will result in litigation against the directors and officers of the affected companies. Indeed, in 2014, there were two sets of lawsuits filed against the boards of companies...

Book Review: Cyber Risks, Social Media and Insurance

We live in a world in which rapidly shifting technologies and communications modalities have changed the way we interact and conduct business. These new media and means of interaction have introduced innumerable benefits and efficiencies. Unfortunately, these new alternatives have down sides; among other...

Are You Ready? Five Key Cybersecurity Battlefronts.

“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families. . . . I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber attacks, combat identity theft, and protect...