What Can Be Learned From 2016 Security Incidents?

By Craig A. Hoffman on December 22, 2016 Posted in Cybersecurity

Cue the year-end articles saying that this was the worst year to date for data breaches. Follow that with more dire predictions for 2017. Layer in one-size-fits-all recommendations to mitigate these risks. And finish with technology solutions that you must have. If you read all of this you might come away thinking that if your … Continue Reading

A Deeper Dive: Risk Assessments Are a Necessary Step in Creating Layered Cyber Defenses

By Randal L. Gainer on June 4, 2015 Posted in Cybersecurity, Incident Response, International Privacy Law

We have released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. Tens of thousands of cyber attackers employed by Chinese People’s Liberation Army and other employees and contractors of the Chinese Ministry of State Security work … Continue Reading

SEC Provides Guidance on Cybersecurity Disclosure Obligations

By Craig A. Hoffman on October 15, 2011 Posted in Cybersecurity, Data Breaches, Information Security

The SEC released a guidance document on October 13, 2011, which set forth the views of the Division of Corporation Finance regarding disclosure obligations relating to cybersecurity risks and incidents. Even though there is no disclosure requirement specific to cybersecurity risks and incidents, information about such incidents and their effects may need to be disclosed … Continue Reading