Trust Anchor: An established point of trust in a cryptographic system from which a process of validation can begin.
We’re excited to announce the launch of Orrick’s new cybersecurity blog, Trust Anchor, a blog highlighting recent cases, legislative and regulatory developments, emerging standards for cybersecurity and data protection, risk management and insurance. Today’s post covers the notification decision tree for breaches of username/password credentials – what the law says, what you should do, and why. Check back soon for Trust Anchor coverage of the top takeaways from the “IAPP Privacy. Security. Risk 2015” conference.
“Cybersecurity and data privacy are boardroom level concerns for our clients in technology, energy & infrastructure, finance, retail and virtually every other sector,” noted Orrick Chairman Mitch Zuklie. “We are pleased to be able to share this blog as one tool to help clients validate their approaches and stay fully informed of the latest legal, regulatory and commercial developments in this area.”
"This is a dynamic and evolving area making it particularly challenging, moving target for companies to address. The Trust Anchor blog serves as foundational resource on which clients and anyone looking to learn more about cybersecurity can rely,” said Tony Kim, co-chair of Orrick’s Cybersecurity & Data Privacy team.
Co-chair Aravind Swaminathan added, “Because of the unique composition of our team and our deep experience in developing global privacy programs and proactive and responsive cybersecurity risk management, we are able to offer unique perspectives on timely news and critical information related to cybersecurity and privacy.”
Highly ranked by Legal 500 for "an aggressive yet practical" approach and “understanding of the law,” Orrick’s team of 30+ cybersecurity and privacy lawyers across the U.S., Europe and Asia has directed numerous responses to cyberattacks and data breaches involving compromised personal data and intellectual property assets; partnered with law enforcement to bring affirmative litigation to disable botnets responsible for global financial theft and fraud; and designed cross-border privacy compliance programs across industries and technologies. The team regularly works with clients on proactive cybersecurity preparedness, transactional diligence, international data transfers and business-enabling privacy initiatives.