The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation


By Topic: Cyber Crime

  • From Vol. 4 No.22 (Jul. 25, 2018)

    Implications of the Supreme Court’s Carpenter Decision on the Treatment of Cellphone Location Records

    According to the U.S. Supreme Court, historical cellphone records deserve more stringent protection than other customer information held by service providers. In Carpenter v. United States, the Court recently ruled that the collection of historical cell-site location information during a criminal investigation is subject to Fourth Amendment “search and seizure” protection and that the federal government generally needs a warrant to access such records. The decision may have been a victory for privacy advocates in theory, but what does it mean on the ground for government investigations and the companies that handle this and related data? This article analyzes the decision and its implications with insight from our experts. See also “How to Respond to Law Enforcement Demands for Geolocation Data and Data Stored Abroad” (Nov. 30, 2016).

  • From Vol. 4 No.22 (Jul. 25, 2018)

    Companies Face Increasing Cost of a Data Breach and an Inability to Detect Incidents Promptly, Surveys Show

    Two recent surveys, one by IBM and the Ponemon Institute showing that the average total cost of a data breach is $3.86 million, and the second by Marsh & McLennan Agency revealing that most organizations do not know how to measure the cyber risk they face, seem to demonstrate a collective corporate sense of false security in an organization’s ability to handle a cyber incident. Seventy-eight percent of respondents to the MMA survey were fairly to highly confident their organization would be able to manage and respond to a cyber attack, but the IBM/Ponemon survey found it takes almost six months to identify an incident. The Cybersecurity Law Report takes a closer look at the results of these surveys and what they reveal about risk awareness and, perhaps, a certain measure of corporate torpor in addressing the likelihood of a data breach. See “Pillars of Effective Breach Detection, Response and Remediation” (Apr. 25, 2018).

  • From Vol. 4 No.20 (Jul. 11, 2018)

    Ransomware Lessons From the Trenches of the MedStar Attack

    Partly due to the critical nature of their services, industries such as healthcare are frequent targets for ransomware attacks. Advice on how to respond is plentiful, but the most valuable lessons can come from those who have lived through these attacks as victims and investigators. During a panel at Georgetown’s 2018 Cybersecurity Law Institute, Mary Chapin, chief legal officer of the National Student Clearinghouse, Hadley Etienne, FBI Supervisory Special Agent, Major Cybercrimes, and Larry Smith, vice president for corporate risk management services at MedStar Health, discussed the prevalence, reporting trends and legal implications of a ransomware attack. They examined the 2016 attack on MedStar Health in detail, providing lessons on attack prevention, mitigation and response. See “Identifying and Preparing for Ransomware Threats (Part One of Two)” (Feb. 28, 2018); Part Two (Mar. 14, 2018).

  • From Vol. 4 No.6 (Mar. 28, 2018)

    Beware of False Friends: A Hedge Fund Manager’s Guide to Social Engineering Fraud

    Cybercriminals are increasingly relying on social engineering to attack corporate systems. Certain types of companies such as hedge funds are particularly vulnerable, given that they typically lack extensive in-house cybersecurity expertise, deal with large sums of capital and have relationships with powerful clients and individuals. Social engineering fraud poses a number of risks to fund managers. Fortunately, managers can mitigate these risks by training employees, instituting multi-factor authentication, adopting verification procedures, limiting user access and monitoring cybersecurity regulations. In addition, managers are increasingly able to rely on insurance to cover social engineering fraud losses. In a guest article, Ron Borys, senior managing director in Crystal & Company’s financial institutions group, and Jordan Arnold, executive managing director in K2 Intelligence’s New York and Los Angeles offices and head of the firm’s private client services and strategic risk and security practices, examine the risks of social engineering fraud, how fund managers can prevent it and how insurance policies can be used to protect against related losses. See also “What the Financial Industry Should Know to Recognize and Combat Cyber Threats (Part One of Two)” (Jul. 26, 2017); Part Two (Aug. 9, 2017).

  • From Vol. 3 No.25 (Dec. 20, 2017)

    SEC Takes Aggressive Action Against Allegedly Fraudulent ICO

    As the prices of Bitcoin and other cryptocurrencies march relentlessly upward, regulators have been taking notice. The SEC recently filed a civil enforcement complaint against Quebec resident Dominic Lacroix, his company PlexCorps and his partner Sabrina Paradis-Royer in connection with an initial coin offering (ICO) of “PlexCoins.” Matthew Rossi, a Mayer Brown partner and former Assistant Chief Litigation Counsel in the SEC Division of Enforcement, told The Cybersecurity Law Report that the case illustrates the priorities of the recently formed SEC Cyber Unit. See also our three-part series on blockchain and the financial services industry: Basics of the Blockchain Technology (Jun. 4, 2017), Using Blockchain to Improve Operations and Compliance (Jun. 28, 2017) and Potential Impediments to Its Eventual Adoption (Jul. 12, 2017).

  • From Vol. 3 No.17 (Aug. 23, 2017)

    Unlocking Encryption: A CISO’s Perspective on Encryption As Only One Strategy (Part Two of Three)

    As security leaders, CISOs are tasked with prioritizing what controls to implement while navigating the challenge of directing funds, time and personnel to best protect data in a number of different contexts. While encryption is a powerful and valuable method used to protect PII and other data, it should only be viewed as one of many available strategies, Omar Khawaja, VP and CISO for Highmark Health, told The Cybersecurity Law Report. He explained how best to use encryption and how in certain contexts other tools may be more effective. For another perspective, see “Unlocking Encryption: A Consultant’s View on Navigating Encryption Options and Persuading Reluctant Organizations (Part One of Three)” (Aug. 9, 2017); and “Unlocking Encryption: An Attorney Weighs in on Balancing Security and Practicality (Part Three of Three)” (Sep. 13, 2017). 

  • From Vol. 3 No.16 (Aug. 9, 2017)

    What the Financial Sector Should Know to Recognize and Combat Cyber Threats (Part Two of Two)

    Financial Trojans are a widespread threat faced by the financial industry, and the U.S. is among the top five countries with the greatest number of detections, according to Symantec’s 2017 Internet Security Threat Report (ISTR). In a recent webinar, Symantec’s technical and threat experts provided insight on the key findings of the ISTR, with a focus on the latest and growing threats to the financial sector, noting that attackers will increasingly target large organizations and financial institutions. This second part of our two-part article series covering the ISTR and Symantec’s webinar details common sources of financial Trojans, looks at potential future attack targets and trends, and provides best practices for avoiding and mitigating these attacks. Part one summarized the threat landscape and the speakers’ insights on what common attacks look like, new threat actors and tools, and how to recognize them. See also “How Financial Service Providers Can Address Common Cybersecurity Threats” (Mar. 16, 2016).

  • From Vol. 3 No.15 (Jul. 26, 2017)

    What the Financial Industry Should Know to Recognize and Combat Cyber Threats (Part One of Two)

    In addition to the rise of ransomware attacks, financial Trojans are a widespread threat faced by the financial industry, according to Symantec’s 2017 Internet Security Threat Report (ISTR). In a recent webinar, Symantec’s technical director and threat researcher provided insight on the key findings of the ISTR, which includes a comprehensive overview of the current cyber-threat landscape, with a focus on the latest and growing threats to the financial sector. This first part of our two-part article series covering the ISTR and Symantec’s webinar summarizes the threat landscape and the speakers’ insights on what common attacks look like, new threat actors and tools, and how to recognize them. Part two will go further in depth on financial Trojans and provide best practices for avoiding and mitigating these attacks. See also “How Financial Service Providers Can Address Common Cybersecurity Threats” (Mar. 16, 2016).

  • From Vol. 3 No.15 (Jul. 26, 2017)

    International Law Playing Cybersecurity Catch-Up (Part Two of Two)

    Cybersecurity threats are global, and both public- and private-sector cybersecurity efforts require international coordination. Despite an acute need for cybersecurity-specific laws and treaties, these have been slow to develop, and in this vacuum, most countries are trying to adapt and apply existing legal frameworks to combat and address cybersecurity threats. In this second part of a two-part guest article series addressing the intersection of cybersecurity and international law, Hughes Hubbard attorneys Seth Rothman and Andreas Baum explore laws related to cyber crimes and international laws that regulate business activities, including recent E.U. legislative efforts. Part one provided insight on cyber warfare and the relevant laws and treaties that address the shifting threats. See also “Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation” (Mar. 2, 2016).

  • From Vol. 3 No.14 (Jul. 12, 2017)

    International Law Playing Cybersecurity Catch-Up (Part One of Two) 

    Cybersecurity is a global concern requiring international coordination with respect to nation-state attacks and data-driven cross-border transactions and investigations. International organizations, nation states, and academic commentators continue to call for specific cybersecurity international laws or treaties. But with a few exceptions, nation states are continuing to borrow from traditional frameworks. This results in imperfect analogies, causing uncertainty for nations, businesses and individuals. In this two-part guest article series, Hughes Hubbard attorneys Seth Rothman and Andreas Baum address the intersection of cybersecurity and international law. Part one provides insight into cyber warfare and the relevant laws and treaties that are being used to create a framework for this shifting threat. Part two will explore laws related to cyber crimes and international laws that regulate business activities. See also “Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation” (Mar. 2, 2016).

  • From Vol. 3 No.13 (Jun. 28, 2017)

    Three Takeaways From Congress’s Cross-Border Data Hearings

    The circumstances under which American law enforcement can obtain access to digital content information stored outside the United States are a critical issue for both the private and public sectors. The issue is currently under scrutiny both in recent Senate and House Judiciary Committee hearings and in continued litigation in Microsoft Corp. v. U.S., in which the DOJ has filed a petition in the Supreme Court seeking to challenge the Second Circuit’s decision quashing a warrant seeking overseas data. In this guest article, Jenner & Block attorneys David Bitkower and Natalie Orpett discuss warrants under the Stored Communications Act, the ongoing litigation, and key takeaways and insights from the hearings. See also “Second Circuit Quashes Warrant for Microsoft to Produce Email Content Stored Overseas” (Aug. 3, 2016).

  • From Vol. 3 No.9 (May 3, 2017)

    Infrastructure Cybersecurity Challenges: A View Through the Oil and Gas Pipeline Lens

    In 1997, the ad hoc Presidential Commission on Critical Infrastructure Protection issued an ominous warning that “the capability to do harm” by “cyberattack” to America’s critical infrastructures “is growing at an alarming rate, and we have little defense against it.” Jones Walker partner Andrew R. Lee argues in this guest article that since then, we have accepted the reality that the threat of critical infrastructure terror attacks is now pervasive, and has also grown increasingly complex and diffuse. He dissects the cybersecurity landscape in the energy industry, explains the effects of regulations and industry initiatives, and shares insights on what is coming from the Trump Administration. See “WilmerHale Attorneys Explain the Evolving Cybersecurity Environment of the Energy Sector” (Nov. 16, 2016).

  • From Vol. 3 No.7 (Apr. 5, 2017)

    Multimillion-Dollar Scheme Serves As Backdrop for Lessons on Preventing and Mitigating Phishing Attacks

    Recent criminal charges based on a business email compromise scheme that induced two U.S.-based internet companies to wire more than $100 million to a fraudster’s bank accounts serve as a reminder that any company can fall prey to a phishing attack. Companies must ensure they are doing what they can to prevent becoming a victim. “This case shows there are few limits on the amount of money that you can potentially extract in attacks like this as long as you find a company with those kind of resources and some weakness in its financial controls,” Serrin Turner, a Latham & Watkins partner and former lead cybercrime prosecutor for the Southern District of New York’s U.S. Attorney’s office, told The Cybersecurity Law Report. With input from Turner, we discuss the facts behind the indictment and offer advice on how to prevent and mitigate damages from these types of attacks. See also “Advice From Blackstone and Tiffany CISOs on Fighting Cybercrime” (Nov. 2, 2016).

  • From Vol. 3 No.4 (Feb. 22, 2017)

    Marsh and FireEye Take the Pulse of European Cybersecurity Climate

    FireEye, Inc. and Marsh & McLennan Companies recently released their joint 2017 European cyber risk report, which is based in part on data collected by Marsh in a survey of 750 of its European clients. It analyzes the current European threat environment, benchmarks companies’ cyber perceptions, discusses coming regulations that should provide increased transparency on cyber attacks and provides best practices for cybersecurity preparedness. For more insight from FireEye, see “How the Financial Services Industry Can Manage Cyber Risk” (Jul. 20, 2016). For more from Marsh, see our two-part series: “Building a Strong Cyber Insurance Policy to Weather the Potential Storm (Part One of Two)” (Nov. 25, 2015) and Part Two (Dec. 9, 2015).

  • From Vol. 2 No.24 (Nov. 30, 2016)

    How to Respond to Law Enforcement Demands for Geolocation Data and Data Stored Abroad

    When faced with a range of demands for data from law enforcement, electronic communications and remote computing service providers must navigate the competing interests of user privacy and legal compliance. They must be prepared in advance to shape their response to a demand based on the type and location of data sought, as they will be expected to act quickly once it is made. During a recent webcast, ZwillGen attorneys Aaron Altschuler and Abby Liebeskind addressed how best to handle law enforcement requests regarding geolocation data and data held overseas in order to avoid liability and protect users. See also “CSIS’ James Lewis Discusses Balancing Law Enforcement and Privacy” (Mar. 16, 2016).

  • From Vol. 2 No.22 (Nov. 2, 2016)

    Advice From Blackstone and Tiffany CISOs on Fighting Cybercrime

    Information security is “the hottest industry of all time” according to Lisa J. Sotto, managing partner of Hunton & Williams’ New York office and chair of the firm’s global privacy and cybersecurity practice. At a recent PLI panel, Sotto and fellow panelists Jay Leek, managing director and CISO for The Blackstone Group L.P.; Anthony Longo, CISO for Tiffany & Co.; and Matthew F. Fitzsimmons, an Assistant Attorney General in Connecticut and head of the office’s Privacy and Data Security Department, discussed the ballooning issue of cybercrime and how to both prevent and respond to attacks. See also “Establishing Strong Cybersecurity and Data Privacy Leadership: The Roles of the Chief Information Security Officer and Chief Privacy Officer” Part One (May 6, 2015); Part Two (May 20, 2015).

  • From Vol. 2 No.18 (Sep. 7, 2016)

    Using Information Sharing to Combat Cyber Crime While Protecting Privacy 

    Sharing cyber intelligence information across respective industries is becoming an increasingly important way to predict and possibly prevent cyber attacks. Many companies, however, are not sharing data efficiently or at all. Alfred Saikali, Shook Hardy & Bacon partner, and Andrew Moir, a partner in the London office of Herbert Smith Freehills, shared their insights with The Cybersecurity Law Report on the importance of and best approaches to information sharing. They also highlighted issues companies should consider to protect themselves when engaging in the process, both from U.S. and U.K. perspectives. See also “How the Legal Industry Is Sharing Information to Combat Cyber Threats” (Sep. 16, 2015).

  • From Vol. 2 No.13 (Jun. 22, 2016)

    Law Enforcement on Cybersecurity Matters: Corporate Friend or Foe? (Part One of Two)

    Countless corporate cyber crime victims have avoided contacting law enforcement, fearing reputational, regulatory, litigation or operational consequences. Given the increased number and sophistication of cyber attacks, more corporations will consider the merits of integrating law enforcement agencies into their incident response strategies. In the first article of this two-part series, in-house and outside counsel along with government officials share insight on the risks and benefits of coordinating with these agencies, and recommendations for when and how to establish a successful relationship with them. Part two will address interacting with law enforcement when there is a breach, including expert advice regarding the first call, the controls companies should have in place and the type of information the agencies really need. See also “Google, CVS and the FBI Share Advice on Interacting With Law Enforcement After a Breach” (May 11, 2016).

  • From Vol. 2 No.13 (Jun. 22, 2016)

    Assistant Attorney General Leslie Caldwell Addresses the Challenges of Cross-Border Cooperation and Electronic Evidence Gathering

    The emergence of new technologies that allow users to evade detection has expanded opportunities for criminals to victimize innocent people while avoiding identification and accountability. Combating these criminals, whose crimes often transcend borders, requires international cooperation. Assistant Attorney General Leslie R. Caldwell addressed how the U.S. is fighting cyber crime on the international stage, including how it is handling encryption technology, in a recent speech at the Cybercrime Symposium 2016, presented by the Center for Strategic and International Studies and the DOJ Computer Crime and Intellectual Property Section. We highlight the key points of her speech. See also “In a Candid Conversation, FBI Director James Comey Discusses Cooperation Among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)” (Jun. 17, 2015).

  • From Vol. 2 No.13 (Jun. 22, 2016)

    ISIL-Linked Hacker Pleads Guilty in First-of-Its-Kind Cyber Terror Case

    Hackers are not only breaching companies’ systems for their own monetary gain – they can be “cyber terrorists,” acting on behalf of nation-states or movements. After successful international cooperation, on June 15, 2016, one such terrorist, Kosovo citizen Ardit Ferizi, pled guilty to charges of providing material support to the Islamic State of Iraq and the Levant. He stole PII from an Illinois company to help ISIL threaten U.S. military and government personnel. “The case against Ferizi is the first of its kind, representing the nexus of the terror and cyber threats,” Assistant Attorney General for National Security John Carlin said. See also “Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation” (Mar. 2, 2016).

  • From Vol. 2 No.10 (May 11, 2016)

    Google, CVS and the FBI Share Advice on Interacting With Law Enforcement After a Breach

    Among the many decisions companies must make following a cyber incident are whether, when and how to engage with law enforcement. At the recent FT Cyber Security Summit USA, experts from Google, CVS Health, the FBI and the Center for Strategic and International Studies gave their advice on interacting with the government, and discussed the responsibilities and priorities of the compliance and legal teams in the wake of an attack. See also “Picking up the Pieces After a Cyber Attack and Understanding Sources of Liability” (Apr. 13, 2016).

  • From Vol. 2 No.5 (Mar. 2, 2016)

    Prosecuting Borderless Cyber Crime Through Proactive Law Enforcement and Private Sector Cooperation

    Identifying, locating and prosecuting cyber criminals is a complex operation that takes coordination efforts among various law enforcement agencies as well as the private sector. David Hickton, the U.S. Attorney for the Western District of Pennsylvania, spoke with The Cybersecurity Law Report in advance of the Financial Times Cyber Security Summit on March 16, 2016 in Washington, D.C., where he will participate as a panelist. An event discount code is available to CSLR readers inside the article. In our interview, Hickton addresses the challenges, changes, and private sector cooperation within cybersecurity law enforcement. See also our series featuring FBI Director James Comey’s discussion of the “‘Evil Layer Cake’ of Cybersecurity Threats” (Jun. 3, 2015); and “Cooperation Among Domestic and International Cybersecurity Law Enforcement Communities” (Jun. 17, 2015).

  • From Vol. 2 No.4 (Feb. 17, 2016)

    Cybersecurity Preparedness Is Now a Business Requirement

    How can companies make cybersecurity preparedness an integral part of their business practices? During a recent panel at ALM’s cyberSecure event, JoAnn Carlton, general counsel and corporate secretary at Bank of America Merchant Services, Edward J. McAndrew, Assistant U.S. Attorney and Cybercrime Coordinator at the U.S. Attorney’s Office, and Mercedes Tunstall, a partner at Pillsbury, gave their perspectives on steps companies can take to enhance cybersecurity. They discussed how the evolving nature of cyber attacks requires evolving business models. Simply establishing an incident response plan is not enough: companies must build privacy preparedness across the organization and engage in a continuous cycle of planning and response to stay ahead of cyber threats. See also “Coordinating Legal and Security Teams in the Current Cybersecurity Landscape (Part One of Two)” (Jul. 1, 2015); “The Challenge of Coordinating the Legal and Security Teams in the Current Cyber Landscape (Part Two)” (Jul. 15, 2015).

  • From Vol. 1 No.16 (Nov. 11, 2015)

    What Companies Can Learn from Cybersecurity Resources in Pittsburgh

    Cyber crime is a serious threat – it cripples companies, damages economies, funds terrorism, launders drug money and bleeds the assets of individuals, according to the DOJ.  Often this cyber war is waged from shadows overseas (and often in the form of corporate cyber espionage).  Companies should be using a broad array of tools to prevent and mitigate the effect of international and domestic cyber crime, such as information sharing, sufficient cyber insurance as well as a thorough breach response plan that includes proper notification and preservation of evidence for future actions.  As K&L Gates attorneys Mark A. Rush and Joseph A. Valenti describe in a guest article, one place where law enforcement and the private sector have come together is Pittsburgh, where a string of major cyber crime cases has recently been prosecuted.  Developments there can serve as a model for cybersecurity measures across the country and across industries.  Rush and Valenti describe cybersecurity best practices before, during and after a breach, as well as some unique ways government officials as well as companies in Pittsburgh specifically are handling cyber crime.  See also “After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?,” The Cybersecurity Law Report, Vol. 1, No. 4 (May 20, 2015).

  • From Vol. 1 No.16 (Nov. 11, 2015)

    California Law Enforcement Faces Higher Bar in Acquiring Electronic Information

    California, looked to as a leader in privacy protections as well as breach notification requirements, has passed the California Electronic Communications Privacy Act (CalECPA), a new law that raises the bar for state law enforcement seeking electronic information.  Aravind Swaminathan and Marc Shapiro, Orrick partner and associate, respectively, told The Cybersecurity Law Report what CalECPA – which requires state law enforcement officials to secure a warrant before they can access electronic information – means for companies and individuals.  See also “Orrick Attorneys Explain California’s New Specific Standards for Breach Notification,” The Cybersecurity Law Report, Vol. 1, No. 15 (October 28, 2015).

  • From Vol. 1 No.9 (Jul. 29, 2015)

    How to Prevent and Manage Ransomware Attacks (Part Two of Two)

    Even when companies take each recommended step to prevent a ransomware attack (such as properly training employees, backing up files, segregating data and limiting network access), a ransomware attack can still sneak through, and without a rapid proper response, cause widespread damage.  This article, the second of a two-part series, addresses how to handle a ransomware attack, when and how to report the incident, and strategies for working with law enforcement.  The first article in the series explained the threat and provided steps that companies can take to prevent ransomware attacks and mitigate the impact if one does occur.  See also “Weil Gotshal Attorneys Advise on Key Ways to Anticipate and Counter Cyber Threats,” The Cybersecurity Law Report, Vol. 1, No. 4 (May 20, 2015).

  • From Vol. 1 No.7 (Jul. 1, 2015)

    SEC Commissioner Says Public-Private Partnership Is Key to Effective Cybersecurity

    In a speech at this year’s SINET Innovation Summit, SEC Commissioner Luis Aguilar emphasized the “scope and urgency” of cybersecurity threats and the ineffectiveness of many network security programs, citing a multitude of studies.  He also called for more formalized information-sharing between private sector companies and the government.  See also “In a Candid Conversation, FBI Director James Comey Talks About the ‘Evil Layer Cake’ of Cybersecurity Threats,” The Cybersecurity Law Report, Vol. 1, No. 5 (Jun. 3, 2015).

  • From Vol. 1 No.6 (Jun. 17, 2015)

    In a Candid Conversation, FBI Director James Comey Discusses Cooperation among Domestic and International Cybersecurity Law Enforcement Communities (Part Two of Two)

    The FBI’s understanding of cybersecurity has advanced from the youth league to college-level in the past decade, FBI Director James Comey told WilmerHale partner Ben Powell at the annual Georgetown Cybersecurity Law Institute.  Much of that improvement has to do with growing cooperation between governments, and within our own, along with increased efforts by the private sector.  But, he said, the FBI needs to get to World Cup play.  This article, the second part of the CSLR’s two-part series, covers Comey’s frank comments about: the role of the FBI in relation to other law enforcement agencies; international cybersecurity developments; international cooperation in a post-Snowden world; pending information-sharing legislation in Congress; misperceptions about the FBI that he hears from the private sector; and how the FBI competes with the private sector for talent.  The first article discussed how the FBI has adapted its techniques in the face of cyber threats; the FBI’s relationship with local law enforcement agencies and the private sector; his concerns about the encryption of data; and how the FBI has expanded its information-sharing programs with the private sector. 

  • From Vol. 1 No.5 (Jun. 3, 2015)

    In a Candid Conversation, FBI Director James Comey Talks About the “Evil Layer Cake” of Cybersecurity Threats (Part One of Two)

    In a wide-ranging and frank conversation with WilmerHale partner Ben Powell at the annual Georgetown Cybersecurity Law Institute, FBI Director James Comey likened the cybersecurity dangers the country faces to an “evil layer cake” and called general counsels (including himself in his former role) “obstructionist weenies.”  This article, the first part of the CSLR’s two-part series, covers Comey’s remarks about: how the FBI has adapted its techniques in the face of cyber threats; the FBI’s relationship with local law enforcement agencies and the private sector; his concerns about the encryption of data; and how the FBI has expanded its information-sharing programs with the private sector.  In the second part, we will cover Comey’s views on: the role of the FBI in relation to other law enforcement agencies; international cybersecurity developments; international cooperation in a post-Snowden world; misperceptions about the FBI that he hears from the private sector; information-sharing legislation; and how the FBI competes with the private sector for talent.  See also “After a Cyber Breach, What Laws Are in Play and Who Is Enforcing Them?,” The Cybersecurity Law Report, Vol. 1, No. 4 (May 20, 2015).

  • From Vol. 1 No.4 (May 20, 2015)

    DOJ Encourages Cyber Incident Reporting and Advance Planning with Best Practices Guidance

    Following other government agencies that have weighed in on cybersecurity, the DOJ’s Cybersecurity Unit has published guidance titled “Best Practices for Victim Response and Reporting of Cyber Incidents,” outlining its recommendations for steps to take prior to a cyber incident; how to respond to an incident, including mistakes often made in the chaos following an incident; and effective follow-up actions.  Experts say that while it is nothing new, the document does emphasize the government’s expectations.  The Guidance “reinforces the notion that a ‘check-the-box’ approach to cybersecurity does not suffice.  Companies must implement a thoughtful, robust and effective plan that is tailored to the company’s particular business, risks and operations,” Richard Tarlowe, counsel at Paul, Weiss, told The Cybersecurity Law Report.

  • From Vol. 1 No.3 (May 6, 2015)

    Gibson Dunn Attorneys Discuss the Impact of Obama’s Executive Order Creating New Tools to Fight Cyber Attacks

    On April 1, 2015, President Obama issued an Executive Order declaring that the threats caused by “malicious cyber-enabled activities” had created a state of national emergency.  The order launches a sanctions program targeting foreign cyber attackers, allowing regulators to freeze assets and bar financial transactions, among other things.  Gibson, Dunn & Crutcher partners Alexander Southwell, Judith Lee, Jose Fernandez and associates Stephenie Gosnell Handler and Eric Lorber discussed the impact of this important order and these new tools with The Cybersecurity Law Report.
