Cybersecurity red lock

This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, chief information security officers, chief information officers, chief technology officers, corporate counsel, internet and tech practitioners, in-house counsel. Visit the website to learn more.

Colorado recently adopted a new law expanding companies' obligations in the event of a cybersecurity incident, and establishing new data security and disposal obligations. Recent announcements by the SEC likewise emphasize important responsive points for both companies and their personnel in the wake of an incident.

Five key takeaways from these developments are highlighted below. In brief, proactively updating company policies, remediation plans, and disclosure and trading practices before a cybersecurity incident arises can go a long way towards efficiently working through a situation when it arises.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.