Copyright © 2018 ALM Media Properties, LLC. All Rights Reserved.
In the not-so-distant past, when hackers breached a company’s cybersecurity defenses and pilfered data, including sensitive customer information, the government and public alike often viewed the company as one of the victims. Not anymore. A confluence of cybersecurity developments is changing the game: highly publicized corporate network intrusions impacting large swaths of the U.S. population (Equifax, Yahoo and Target, to name just a few); a wave of aggressive new regulations (both currently in effect and proposed) at the state and federal levels, with the looming threat of regulatory enforcement and sizable penalties; and growing exposure to legal liability for data breaches under existing consumer protection laws. As the dust settles, an emerging legal and regulatory standard of care for cybersecurity is coming into sharper focus. Global financial firms, in particular, should pay close attention to this quickly evolving cybersecurity compliance landscape—or risk getting crushed under the weight of stiffening regulations and class action lawsuits.