Cybersecurity: Legal implications and risk management

Two legal cases in the US in the past month suggest that regulators and prosecutors are becoming more determined to take personal action against directors and senior executives who fail to deal adequately with cyber security breaches.  

In The Legal500's newly released In-House Lawyer Magazine a group of White & Case lawyers has contributed a legal briefing on trends in German commercial litigation.

In recent years, demands for payments in cryptocurrencies have become the ransom of choice for cyber extortionists and other online frauds. As a result, the English Court's powers are increasingly being called upon.

Ninth Circuit Decision Highlights Importance of Updating Risk Factors to Address Material Developments, including those relating to Cybersecurity Risks.

Consistent with its increasing activity in the cybersecurity enforcement space, in March 2021, the NYDFS issued its first penalty under the Cybersecurity Regulation. This client alert explores the settlement and offers takeaways on the areas of focus by the NYDFS in enforcement actions under the Cybersecurity Regulation.

Is a data subject entitled to compensation from a controller or processor if the data subject's GDPR rights have been infringed, even if they have not suffered any kind of material damage? 

Cybersecurity has been a mainstay of quarterly board agendas for years.

The fourth webinar in our 2020 Autumn Webinar Series covered crucial steps you should be taking to protect against cybersecurity threats and what you should do when disaster strikes.

Hot on the heels of the California Attorney General's rulemaking process for the California Consumer Privacy Act ("CCPA"), California voters have passed a ballot initiative to expand and create new privacy rights for consumers.

In the past few years, cybersecurity has taken on increasing importance in the eyes of lawmakers and regulators.

UK law enforcement can now obtain an order against a person in or operating in the US for the production of or access to electronic data under a new ‘landmark’ US-UK data sharing agreement.

The COVID-19 crisis has exposed many companies to more cyber threats. Tim Hickman and John Timmons discuss what businesses need to do should a major incident occur.

Recent decisions in Singapore and New Zealand confirm that the courts are prepared to act to provide greater certainty and support to stakeholders in cryptoassets.

The High Court has determined that Bitcoin (and other similar cryptocurrencies) can be considered property under English law, and could be the subject of a proprietary injunction. The Court granted the injunction to assist an insurance company to recover Bitcoin that it had transferred in order to satisfy a malware ransom demand.

Organisations are facing increasing uncertainty in assessing global notification and disclosure obligations and making a determination of whether to notify or disclose a privacy violation or security incident in today's complex regulatory environment. This article offers six steps companies should consider when navigating this complex process.

This article examines the impact of the UK Network and Information Systems Regulations 2018 (SI 2018/506) (NIS Regulations) on organisations post Brexit and their obligations under applicable cybersecurity law.