As a Champion of National Cybersecurity Awareness Month (NCSAM), Mayer Brown is committed to cybersecurity and online safety. Throughout October, in thought leadership materials and programs, we are offering insights on key legal issues and developments affecting cybersecurity and data privacy in the United States and around the world.



Into the Gray Zone: New Report Analyzes Potential of Active Defense as a Response to Sophisticated Cyber Threats in the Private Sector

Task force including Mayer Brown partner Raj De issues report assessing law, technology, and policy of proactive cybersecurity measures.

A new report from the GW Center for Cyber and Homeland Security offers a comprehensive assessment of the legal, policy and technological contexts that surround private sector cybersecurity and active defense measures. The report draws on knowledge from a task force including experts in the public and private sectors who are thought leaders in technology, security, privacy, law and business. Read the full report >>


Five Questions General Counsels Should Ask About Cybersecurity and Data Privacy Litigation

John Nadolenco, Robert Kriss, Laura Hammargren, Kendall Burman and Stephen Lilley.

Cybersecurity and data privacy litigation continues to grow rapidly in scale and complexity. Putative class actions not only follow major data breaches but also increasingly allege vulnerabilities in a wide range of products, from cars to toys, even before any attack has occurred. And plaintiffs continue to assert privacy claims against both cutting-edge technologies and long-established business practices. Read the full report >>


US Federal Banking Agencies Invite Public Comment on Enhanced Cyber Risk Management Standards for Large and Interconnected Financial-Sector Entities

Raj De, Jeffrey Taft, Stephen Lilley and Matthew Bisanz.

On October 19, 2016, the Board of Governors of the Federal Reserve System, Office of the Comptroller of the Currency and Federal Deposit Insurance Corporation issued an advance notice of proposed rulemaking indicating that they were considering establishing new heightened cyber risk management standards for certain large financial institutions and their service providers. Read the full report >>


Department of Homeland Security Releases Draft National Cyber Incident Response Plan

Raj De, Kendall Burman, Stephen Lilley, and Joshua Silverstein.

On September 30, 2016, the US Department of Homeland Security publicly released its Draft National Cyber Incident Response Plan. This draft document provides a detailed and strategic framework to guide engagement and activity on cyber incident response and is intended to be used by a full range of stakeholders, including individuals; the private and nonprofit sectors; state, local, tribal and territorial governments; and the federal government. Read the full report >>


Publications

HIT Think: How to Better Prepare for Inevitable Cyber Attacks

Laura Hammargren discusses ways healthcare companies and providers can protect their networks against hackers in this HealthData Management article.
Read the full report >>

The Internet of Things: Questions for Policymakers and Implications for Businesses

Kendall Burman and Stephen Lilley discuss federal policymakers' actions to date, as well as five aspects of the Internet of Things that are likely to inform future policymaking on privacy and cybersecurity in this Bloomberg BNA's Privacy and Security Law Report article.
Read the full report >>

The Role Of Cyberinsurance In Risk Management

James Woods, Marcus Christian and Jeyshree Ramachandran discuss the role of cyberinsurance in risk management in this Law360 article.
Read the full report >>


In the News

Hacking Forum Cuts Section Allegedly Linked to DDoS Attacks CIO.com
Marcus Christian weighs in on potential legal implications of DDoS-for-hire services on Hack Forums.

Mayer Brown Insurance Expert Discusses the Importance of Cybersecurity

Insurance Journal

James Woods spoke with Insurance Journal about the insurance industry's increasing focus on cybersecurity, demonstrated by the recently proposed cybersecurity regulation in New York.

ABA Journal's 10 Questions LIVE: Raj De ABA Journal
ABA Journal publishes live Q&A video interview with Raj De on his career.


Events of Interest

November 10 – 12:00 p.m. – 1:00 p.m. EST: Webinar - Cybersecurity Regulation in the United States: Governing Frameworks and Emerging Trends – Raj De, leader of Mayer Brown's global Cybersecurity & Data Privacy practice and recent former general counsel of the National Security Agency, Jeff Taft, Kendall Burman and Stephen Lilley as they discuss important topics addressed in our guide, including:

  • Recent key developments in cybersecurity regulation—from rulemaking to enforcement actions
  • Trends in regulatory activity across sectors and what they mean for the future
  • Priority issues for executives and other stakeholders as they work to satisfy regulatory requirements in a manner that is consistent with business needs and complements a risk-based approach to cybersecurity

Register >>

November 17: Sourcing Industry Group (SIG) Webinar: Contracting for Cybersecurity and Privacy Protections – Rebecca Eisner and Lei Shen discuss how to address cybersecurity and privacy protections through the contracting process including how to better build data security into your supplier contracts, and while doing so, how to protect yourself against emerging threats. View Details >>

November 17: Save the Date: Global Financial Markets Initiative Teleconference: Cybersecurity and Financial Services – Authors of Cybersecurity Regulation in the United States: Governing Frameworks and Emerging Trends will share highlights impacting the financial services industry.

December 1: Save the Date: Teleconference: Cybersecurity Regulation and the Internet of Things – Authors of Cybersecurity Regulation in the United States: Governing Frameworks and Emerging Trends will share highlights impacting the Internet of Things.

Learn more about our Cybersecurity & Data Privacy practice.

Visit us at mayerbrown.com.

Visit us at mayerbrown.com

Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

© Copyright 2016. The Mayer Brown Practices. All rights reserved.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.