On June 28, 2018, Governor Brown signed the California Consumer Privacy Act of 2018, which goes into effect on January 1, 2020. But – because of certain look-back features in the new law – significant compliance will be required by January 1, 2019. The Act is enforceable by the California…
Articles Posted in Policies and Procedures
Cybersecurity Incident Response Plans – A Corporate Multi-Use Tool
The stakes have been raised as the EU’s new General Data Protection Regulation, or GDPR, mandates notification within 72 hours. Once that happens, social media and public opinion give you only hours to get it right. It’s often said that one can do something well, or quickly, but not both. …
What is Blockchain Good For? Here are some guidelines.
Welcome to the third article in our series of blogs about blockchain technology and its impact on business practices, corporate governance and cybersecurity. In Robert Braun’s article, Blockchain: The good, the bad, and how to tell the difference published by FinTech Weekly, he explores two issues about…
Could We Have Seen This Coming? – The Importance of HR to Cybersecurity
Today’s blog is written by my partner, Louise Ann Fernandez, Chairperson of JMBM’s Labor & Employment Group. Louise Ann helps companies put hiring and employment policies in place — and develops training programs — that help to protect the business against cyber threats. — Michael A. Gold Could We Have…
Think Twice Before Logging on to Public Wi-Fi
At the airport, in a coffee shop or hotel lobby? Think twice before logging on to that free Wi-Fi. What’s not to love about free, public Wi-Fi? It’s free. It’s easy. A couple of clicks and you’re connected to the world. When you’re on the go, there will always be…
Responding to a Data Breach: CEOs Should Develop a Narrative That Responds to Customers and Regulators
The cybersecurity breaches this month of Equifax and Deloitte—both firms that tout the value of their data and security acumen—show that no company is immune to hacking. But there is one thing that smart companies can do, both before and during a breach, and that is to develop and deploy…
For Small Businesses: The Current Landscape of Cybersecurity Law
Small businesses understand that they are challenged with all the cybersecurity issues that large companies face. But often they fail to act preemptively under the false assumption that the resources of a large company are necessary to manage cyber threats. Small businesses are often surprised to learn that effective cybersecurity…
Why Data Security Is So Hard (and what to do about it)
It’s ironic: when global threats are in the news every day, their ubiquity makes them easy to ignore. Whether they be political threats, climate threats, or data security threats, we can become numb to ever-present risk. Add in the chorus of advice from the growing number of providers, and even…
Middle-Market Companies Require a Customized Approach for Successful Cybersecurity
Middle-market companies have cultures, goals and business needs that are distinct from larger firms, and nowhere is that more true than with cybersecurity. Fortune 500 companies and brands with household names are much more likely to recover their reputations following a data breach. While breaches are costly in financial terms…
Cybersecurity Programs and the FTC – Staying out of Harm’s Way
While there is no nationwide cybersecurity program, the Federal Trade Commission has brought more than 50 actions claiming that the cybersecurity practices of a variety of companies in a variety of industries. While these actions have primarily been administrative and resulted in settlements, and the specifics of each order apply…