Litigating cybersecurity cases is no easy matter. In addition to the highly technical subject matter, the applicable standard of care, i.e., what constitutes reasonably prudent cybersecurity practices, is not a black-and-white issue. Cybersecurity standards are continually evolving, can be inconsistent among so-called industry standard-bearers, and can vary based on the industry, application, and resources of the client. Practitioners litigating cybersecurity, hacking, and data breach cases need to be aware of these variables and carefully craft their litigation strategy accordingly.

Business today means dealing with digital information risk. Cyberattacks, hackers, and disgruntled insiders, among others, can compromise a computer system resulting in a breach of consumer personal information, stolen corporate secrets, and computer network disruptions. When these attacks also damage third parties, whether they are consumers or commercial counterparties, lawsuits often follow.