Close Contact Us
Tap Here To Call Us

Articles Posted in Boards of Directors

Updated:

Online Workshop — A Reasonable Approach to Reasonable Security

Are your cybersecurity management practices reasonable? Do you know your risk tolerance? Are you covering all the cybersecurity bases that make up reasonable cybersecurity? The California Consumer Privacy Act (CCPA) and other emerging laws require organizations to have “reasonable cybersecurity practices.” The challenge is that there is no accepted definition…

Updated:

Directors Be Warned – You are Responsible for Your Company’s Data Security

The FTC Speaks On January 6, 2020, the Director of the Federal Trade Commission’s (FTC) Consumer Protection Bureau published a blog post with changes to the FTC’s approach to its orders and settlements of data breach enforcement actions.  One of the key elements of the report was a revision to…

Updated:

Overstate Your Cybersecurity at Your Peril – Lessons from the Equifax Data Breach

Looking back with the perspective of two years, the Equifax data breach still has many lessons to teach us. Unfortunately, some of the most important lessons are masked by the extremes of the errors that characterized the original breach, which include insider trading by top executives after the breach was…

Updated:

Illinois Expands Protection of Biometric Information – Who’s Next? Opening the gates to expensive class actions and “sue and settle” lawsuits

By Michael Gold and Bob Braun A new ruling by the Illinois Supreme Court could trigger expensive class action lawsuits and private litigation against businesses, even where plaintiffs do not allege actual injury. The case demands attention, not only from those doing business in Illinois, but throughout the nation. The…

Updated:

Cybersecurity Predictions for 2019

In their column, Top 10 cybersecurity predictions for the new year, Robert Braun and Michael Gold, co-chairs of JMBM’s Cybersecurity & Privacy Group offer predictions on federal privacy legislation (they won’t pass any and if by chance they do, it won’t work), data localization (more companies will have to decide…

Updated:

Cyber Risk and Internal Accounting Controls: How Should Boards Respond?

The SEC warns public companies that lax cybersecurity practices could violate rules governing internal accounting controls, and offer nine scams as cautionary tales. The SEC has become increasingly active when it comes to cybersecurity. Last month, it issued an investigative report about Business Email Compromises (BCEs) involving nine public companies…

Updated:

Risk Assessment – the Key to Cyber Risk Management

One of the great frustrations in contemplating a data security program is that there is no such thing as a one-size-fits-all solution.  There is no law or regulation that specifies the exact steps a company needs to take in order achieve data security.  While there are some regulatory and industry…

Updated:

Arthur J. Gallagher Risk Management Roundtable

I’m attending the Arthur J. Gallagher Risk Management Roundtable on September 12 and 13 at the Intercontinental Hotel  in New Orleans, where Alex Ricardo of Beazley and I will be speaking on Cybersecurity in the Hospitality Industry tomorrow morning.  I’ll be leading a discussion of the unique privacy and security issues…

Updated:

Cyber Risk and the Board of Directors –Closing the Gap

This article, written by Michael A. Gold, Partner at Jeffer Mangels Butler & Mitchell, was originally published by Bloomberg BNA Corporate Governance Report on October 7, 2013 and articulates the responsibility that corporate boards must own in order to protect the electronic assets of their organization. Read Cyber Risk and…

Updated:

CLIENT ALERT: California Supreme Court Rules That ZIP Codes Are Personal Identification Information

On February 10, 2011, the California Supreme Court held in Pineda v. Williams Sonoma that ZIP codes are considered “personal identification information” under the Song-Beverly Credit Card Act, California Civil Code § 1747 et seq. (the “Act”). As previously discussed in our January and March 2009 client alerts, the Act…

Contact Us