Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Regulators Set Sights on Big Data and Connected Devices

Federal and state regulators are beginning to set their sights on companies that collect, use and share consumer data, claiming they have sufficient authority to regulate potential privacy and data security risks posed by “big data” and “connected devices.” In her article for Legaltech News, Sutherland Partner Mary Jane Wilson-Bilik notes that the Federal Trade Commission (FTC) has...

SEC Seeks Comment on Cybersecurity Issues in ANPR for Transfer Agents

On December 22, the Securities and Exchange Commission (SEC) issued an advanced notice of proposed rulemaking (ANPR) for new transfer agent requirements, and it also issued a concept release for which public comment on the SEC’s broader review of transfer agent regulation is sought.  In the ANPR, the SEC specifically cited cybersecurity as an area in which the Commission intends to...

Cyber Bill passed into law as part of Omnibus Spending Package

The Cybersecurity Act of 2015 (“Act”), which was added to the fiscal 2016 appropriations measure, was signed into law on December 18, 2015. The Act includes, among other things, incentives for companies to participate in sharing information about data threats with the government and among themselves. Among these incentives is liability protection for those who participate in the...

The Six Lawsuits All GCs Face After a Data Breach

There are many types of litigation likely to arise following a data breach. For more information on the different types of actions that could be initiated by consumers, financial institutions, insurers, shareholders, employees and government agencies after a cyberattack, view this Law360 article.

NIST RFI on Cybersecurity Framework

The National Institute of Standards and Technology (NIST) is seeking information on how it might update and improve its February 2014 ‘‘Framework for Improving Critical Infrastructure Cybersecurity.” The Framework consists of voluntary standards, guidelines, and practices intended to help organizations manage cybersecurity risks. In a Request for Information (RFI) issued on December...