US - Doron Goldstein Featured In The Wall Street Journal.

Doron Goldstein was featured in the Wall Street Journal article “Companies Remain Reluctant to Admit Paying Off Hackers.”

Data Innovation, Privacy and Cybersecurity Partner Doron Goldstein discussed the Securities and Exchange Commission’s (SEC) adoption of cyber incident reporting rules for publicly traded companies this past July. While companies may choose whether or not to pay hackers a ransom to restore business operations or avoid having any stolen data published, they often fail to disclose their decision. In a recent SEC filing, casino operator Caesars Entertainment avoided revealing whether they had paid a ransom to hackers this summer. Soon, however, companies will have to comply with the SEC’s rules requiring them to report details of cyberattacks on their systems in 8-K filings. These rules come into effect in December, and other companies have already begun to comply by detailing attacks in their filings or other regulatory forms.

Though the SEC isn’t the only regulatory or governing body with rules around incident reporting, their rules are likely to be more comprehensive. “The materiality threshold in the SEC rules would in many cases include whether a company paid a ransom,” Doron told the Wall Street Journal. “Payments stretching into millions of dollars might be material for some businesses,” he said. “We’re going to see more reporting of things the public didn’t know was happening before,” he indicated.

Increased cybersecurity measures and training have likely contributed to a reduction in the rate at which companies pay ransoms, but the average ransom payment has increased significantly. In some cases, paying a ransom may seem the obvious choice, assuming a company plans to avoid potentially injuring their reputation by keeping it quiet. Cybersecurity professionals disagree on whether or not to encourage victims to pay a ransom, and the FBI suggests paying a ransom simply increases the frequency of attacks. Unfortunately, in industries such as healthcare, cyberattacks can pose a real risk to public health if computer systems containing critical information are pulled offline.

You can read the full article here. Please note, a subscription may be required.

For further information, please contact:

Doron S. Goldstein, Partner, Withersworldwide

doron.goldstein@withersworldwide.com

US – Doron Goldstein Featured In The Wall Street Journal.

UK – Changes To Pensions And Inheritance Tax: More Than Meets The Eye.

India – Jet, Set And Grounded – Supreme Court Orders liquidation Of Jet Airways.

India – The Paradox Of Security Interest For Dissenting Secured Creditors: Has The Paridhi Finvest Judgement Settled The Issue?

India – Simultaneous IBC Proceedings Against Corporate Debtor And Corporate Guarantor: Critical Takeaways From BRS Ventures Case.

Overseas Companies And The EU And UK Carbon Border Adjustment Mechanisms.

Malaysia – Case Law Discourse On The Non-compliance Or Breach Of Express Conditions Of Alienated Land.

Malaysia – Taxation Of Legal Fees.

Indonesia – Refining The Indonesian Core Tax Administration System.

Malaysia – Suing Shareholders For The Failure Of A Company To Redeem The Redeemable Convertible Cumulative Preference Shares (RCCPs).

EU Court Clarifies VAT Rules For Gambling Businesses – Key Insights For Operators In The Industry.

CONVENTUS LAW

OTHERS

US – Doron Goldstein Featured In The Wall Street Journal.

Register for your monthly Asia legal updates from Conventus Law

- Sacha Kirk - Lawcadia,

Footer

CONVENTUS LAW

OTHERS