Cybersecurity News & Notes – June 2016 #2: A brief digest of cybersecurity news you can use...

In Case You Missed It:  The SEC fined Morgan Stanley $1 million for a 2014 data breach.  While the FTC had declined to pursue an enforcement action, blaming the breach on technical issues rather than any actions or omissions on the part of Morgan Stanley, the SEC reached a different conclusion.  The  SEC faulted Morgan Stanley for, among other things, failing to have adequate and up-to-date cybersecurity policies and for failing to correct gaps and flaws in its security systems.  This fine is a reminder of two important things:  first, that the SEC is going to be an increasingly active player in the cybersecurity space; and second, that companies are well-advised to audit their policies and procedures on a regular basis and train their employees on security protocols.

News of Note:  A National Cybersecurity Intelligence Center is set to open in the fall in Colorado Springs.   A public-private collaboration with a strong assist from the University of Colorado, it will focus on educating public officials and executives, provide support to organizations facing a cyber attack through a Rapid Response Center, and act as a research hub on cyber crimes through its Cyber Research, Education and Training Center.

Practice Tip of the Week:  Line up your vendors before a breach!  When your company has discovered that a breach has occurred, you then need to investigate how the breach occurred, fix it, and see what other vulnerabilities you might have.  You will almost certainly want to hire an outside vendor with significant expertise to do this work.  Likewise, sometimes you have to deal with the press; hiring an expert to manage your PR might be the wisest thing to do.  When you’re in the middle of handling a data breach, the last think you want to be doing is adding days, even sometimes weeks, to locate, vet, and contract with a vendor.  Take these actions now, while things are relatively calm, so that when a breach does happen your vendors are under contract, and just a phone call away from springing into action.

 

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Foley Hoag LLP - Security, Privacy and the Law | Attorney Advertising

Written by:

Foley Hoag LLP - Security, Privacy and the Law
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Foley Hoag LLP - Security, Privacy and the Law on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide