Alston & Bird recently issued an Advisory, co-authored by Jim Harvey and Karen Sanzaro, on the complexities of managing a data breach that implicates strategic third party vendor relationships. Cybercrime and data security incidents are on the rise. Security breaches and the ensuing investigation and remediation process can be costly and complex. The process is […]
Cyber Risk
Moody’s Identifies Cyber Risk As Key Factor in Credit Ratings
In a report released November 23, Moody’s Investors Service announced that the implications of cyber threats could start taking a higher priority in its credit analysis. Moody’s said it views cyber threats as similar to other extraordinary event risks, such as a natural disaster. “While we do not explicitly incorporate cyber risk as a principal […]
FFIEC Warns of Increase in Cyber Attacks Involving Extortion, Encourages Financial Institutions to Develop Response Programs
Last week, the Federal Financial Institutions Examination Council (FFIEC) issued a joint statement warning of an “increasing frequency and severity of cyber attacks involving extortion.” The statement warned that criminals have been extorting financial institutions using a variety of tactics, including denial of service attacks, theft of sensitive information, and use of “ransomware,” which is […]
The Supreme Court To Resolve Whether a Violation of a Statutory Right Confers Article III Standing
The Supreme Court’s recent decision to hear the appeal in Spokeo, Inc. v. Robins may have significant implications for data breach litigation in particular and consumer class action litigation generally. At issue is whether a plaintiff who has suffered no actual injury or harm nonetheless has standing under Article III of the United States Constitution […]
New York State Regulator to Examine Insurers on Cybersecurity Following Comprehensive Risk Assessments
On March 26, 2015, Benjamin Lawsky, Superintendent of the New York State Department of Financial Services (DFS), sent a letter to the CEOs, General Counsel, and Chief Information Officers of all insurers doing business in the state to inform them of a mandatory cybersecurity questionnaire and the initiation of targeted cybersecurity examinations. Approximately 160 insurers […]