Month: October 2018

Trick or Treat: Does the SEC’s October Report Signal a New Shift in Cybersecurity Enforcement?

By Joshua Mooney and Andrew Lipton, White and Williams LLP   On October 16, 2018, the Securities and Exchange Commission’s (SEC) Division of Enforcement issued a report on Cyber-Related Frauds Against Public Companies and Related Internal Accounting Controls Requirements (the Report)[1] warning that a public company’s failure to implement adequate cybersecurity controls to address the
Read More »

ABA Issues New Cybersecurity Ethics Rules for Lawyers

By Gwenn Barney, White and Williams LLP   Lawyers are advisors and advocates. Clients trust lawyers to preserve secrets, confidential matters that when disclosed could cause financial or reputational damage. A significant element of legal representation involves safe-guarding these confidences competently and also acting responsibly if an unauthorized disclosure occurs.   Law firms are prime
Read More »

New State Law Mandates Cybersecurity Enhancements

By Peter F. Johnson, Superior Court of Pennsylvania   California Governor Jerry Brown signed legislation mandating a longtime cybersecurity best practice—changing default passwords.  The use of weak default passwords is endemic to the consumer devices world, but is just as common in the world of enterprise computer equipment, on which corporate and customer data may
Read More »

Five Questions (And Possible Good Answers) Boards of Directors Should Ask About Cybersecurity

By Joshua Mooney and Kate Woods, White and Williams LLP   Data privacy and security can feel overwhelming for a company’s executive management. Unfortunately, that overwhelming feeling can prevent constructive dialogue and action toward improving a company’s cybersecurity program. Recently, the U.K.’s National Cyber Security Centre (NCSC) issued what it called a “Board tookit” —
Read More »