• An Emerging Patchwork Of Cybersecurity Rules
  • August 30, 2017 | Authors: Ben Marzouk; Tony Ficarrotta; Susan S. Krawczyk; Issa J. Hanna
  • Law Firms: Eversheds Sutherland (US) LLP - Washington Office; Eversheds Sutherland (US) LLP - New York Office; Eversheds Sutherland (US) LLP - Washington Office
  • Law360

    Full Article

    With the recent adoption of cybersecurity regulations governing broker-dealers and investment advisers registered in Colorado and Vermont, the landscape of cybersecurity regulation continues to evolve in significant ways. For those businesses not yet covered by cyber regulations, these latest moves indicate that the day of reckoning may be coming, with both federal and state regulators actively expanding their reach.

    Moreover, these latest regulations may further contribute to an emerging “cybersecurity standard of care,” leaving those who lag behind best practices more vulnerable before the courts. Finally, this emerging regulatory patchwork increasingly threatens to lead to inconsistent standards — although an important thread of consistency (or regulatory convergence) exists.

    In their article for Law360, Eversheds Sutherland attorneys Michael Bahar, Susan Krawczyk, Issa Hanna, Tony Ficarrotta and Ben Marzouk discuss the Colorado and Vermont rules, the comparison to New York’s regulation, the comparison with Federal regulations, the impact on litigation and key takeaways.