Preserving the Confidentiality of Cybersecurity Forensic Reports

Your company’s computer network has been breached and confidential customer data stolen. Not surprisingly, this results in a lawsuit filed against you by down-the-line victims; read, customers whose personal information found its way into the wrong hands.

In response to the breach, you did all the right things, including hiring experts to investigate and provide a forensic report. But to your dismay, that report—which includes some rather sensitive and potentially damaging information—has become subject of discovery in the litigation. What are you to do? (Read More)

Utah Joins the Privacy Law Bandwagon

Utah has enacted a privacy law, after its House and Senate unanimously passed the Utah Consumer Privacy Act. Governor Spencer Cox signed the legislation, which means Utah joins California, Colorado and Virginia as the only states in the nation that have given the nod to comprehensive privacy statutes. (Read More)

Cybersecurity on Its Mind: SEC to Require Cyber-Related Reporting and Disclosures

Last week, the U.S. Securities and Exchange Commission announced a proposed rule that, if adopted, will compel public companies to disclose their governance, risk management and strategy with respect to cybersecurity risks. In addition, these entities would have to report any material cybersecurity incidents. (Read More)

Companies Must Take the Good (Reviews) With the Bad

No business likes negative reviews, but companies must deal with the consequences of unhappy customers. This is particularly true in light of recent Federal Trade Commission allegations levied against online fashion retailer Fashion Nova, LLC, which learned the hard way what happens when a company blocks negative product reviews from being posted online. (Read More)

Companies with Loyalty Programs in the Crosshairs for CCPA Compliance Investigations

California’s Attorney General has put businesses operating loyalty programs in the state on notice that they may be subject to investigation. AG Rob Bonta has done so by sending notices to several companies alleging noncompliance with the California Consumer Privacy Act (CCPA)—a law that requires businesses offering discounts, free items or other rewards to provide consumers with a notice of financial incentive when these offers are made in exchange for personal information. (Read More)

Hackers to the Rescue: An Overview of Bug Bounties

For far too many companies worldwide, computer hacks are an inevitability. Indeed, some experts place the statistical probability of a data breach at around 30%, which means potentially devastating trouble is lurking for nearly one in three businesses, both domestically and overseas. And when cybercriminals do infiltrate corporate computer systems, the resulting price tag can be substantial—recent estimates suggest that, on average, each breach costs companies in excess of $3 million.

The good news is that organizations in the private and public sector have at their disposal an arsenal of tools to combat cybercrime. Among them are so-called bug bounty programs, a lesser known but increasingly used method of identifying and fixing network vulnerabilities. (Read More)