Partners Martin Braun, Jason Chipman and Benjamin Powell and Counsel Leah Schloss discuss cybersecurity concerns nationwide and focus on the evolving regulatory requirements for businesses at risk in the Global Trends, Germany and United States chapters of Getting the Deal Through: Market Intelligence.
Excerpt: Cybersecurity continues to represent a growing risk for companies around the world with cyber threats posed by nation states, commercial competitors, company insiders, transnational organised crime and 'hacktivists' continuing to grow on a global basis. Recent high-profile and disruptive cyber attacks using ransomware have become particularly problematic for large and small companies alike. Read the full Global Trends chapter.
Excerpt: Mainstream media in Germany has continued its extensive coverage of cybersecurity-related topics, especially the major breaches that have occurred around the world. Cybersecurity requirements in the General Data Protection Regulation (GDPR) have continued to play a major role in companies’ implementation efforts. The importance of these efforts has been highlighted by the initial fining decisions of the German supervisory authorities, with several fines sanctioning inadequate IT security. In this context, a decision of the supervisory authority of the German state of Baden-Württemberg against the provider of a German social network attracted significant attention. Hackers had been able to access unencrypted passwords, which ultimately led to a €20,000 fine. In its press release, the supervisory authority made clear that the fine would have been much higher, had the provider not contacted the regulator immediately and cooperated fully. Read the full Germany chapter.
Excerpt: Although many economic sectors in the United States have little or no cybersecurity standards, there is a growing trend toward more proscriptive requirements in economic sectors perceived as playing a critical role in the US economy or for US security. For example, defence contractors in the United States face increasingly strict data security requirements for how they manage, store and process sensitive government information. At the same time, there is new focus in the United States on the creation of national privacy legislation. The US Congress has held multiple hearings in the first half of 2019 to investigate a perceived need for the US to craft data handling rules similar to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Read the full United States chapter.