Posted: February 10th, 2017
By: Libby Casale*| Staff Writer
Cybersecurity is an evolving and growing field, and one full of unknowns. Panelists discussed cybersecurity, cyber incidents, and cybersecurity breaches at the Cyber Security Panel during the 2017 JBIPL Banking Law: Current and Future Issues Symposium.
For breaches, it is often not a question of whether, but when, a breach will happen. Breaches can take multiple forms. They may be caused by hactivists, state sponsored theft, cyberterrorism, or could also be caused by malicious insiders. Additionally, breaches could be caused by something as simple as a self-populating email header or by sending your files to an unintended recipient.
Following a breach, state law predominately governs reporting and other duties. All states but three have some sort of law pertaining to cybersecurity, with Europe enacting a law shortly. Some of the provisions relating to breaches are industry driven, however most are state driven. While every state has different provisions, many deal with disclosure to affected persons. Such disclosure provisions may dictate requirements such as letting an individual know that their data has been breached, and what type of data has been breached. Disclosure requirements may also turn on the type of information breached.
Insurance relating to cybersecurity is available to mitigate harm. An important takeaway is to be familiar with where your insurance policy is at, and what type of policy you have to avoid losing response time after a breach by having to search for the information. Looking at the terms of a policy can also be imperative in making sure that you are within the bounds of your policy, for example by selecting an approved law firm to handle your breach. These policies may not cover breaches caused by malicious insiders or social engineering fraud. Social engineering fraud occurs when you have been hacked and you voluntarily gave up the information, such as through a bogus email or webpage.
It is apparent that cybersecurity is a growing and changing field, and one to take notice of. JBIPL thanks the panelists for their insight on cybersecurity, cyber incidents, and cybersecurity breaches.
Libby Casale is a second year law student at Wake Forest University School of Law. She holds an Honors Bachelor of Science in Business Administration with an emphasis in Entrepreneurship, and minors in Economics and History from Oregon State University. Upon graduation, she plans to practice in the areas of privacy and cybersecurity law.