The FTC Asserts Its Jurisdiction and Provides Ten Steps to Enhance Cybersecurity

In its new guidance, “Start with Security,” the Federal Trade Commission is “stating its case why it should be recognized as the preeminent authority in this area,” Stephen Newman, a partner at Stroock, told Cybersecurity Law Report.  The FTC makes clear in the guidance that it expects companies to put strong cybersecurity practices in place and will hold the companies responsible for lax security measures if a breach does occur.  The guidance also provides valuable compliance advice – it articulates the FTC’s thoughts on how to reduce risk with “fundamentals of sound security” based on “the lessons learned from the more than 50 law enforcement actions the FTC has announced so far.”  We discuss the ten steps the FTC has put forward to enhance cyber compliance, with input from experts.  See “After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?,” Cybersecurity Law Report, Vol. 1, No. 4 (May 20, 2015).

To read the full article

Continue reading your article with a CSLR subscription.