Principles of Cybersecurity Law

Years of technical and legal experience are combined to provide a map for cybersecurity counseling based on an understanding of the CISO’s technical cybersecurity issues and how they fit into today’s cybersecurity law challenges. The authors explain the difference and overlap between privacy law, cybersecurity law, and cybersecurity.

---

This book is for cybersecurity and privacy professionals, cybersecurity and privacy lawyers, law students, and anyone interested in learning the cybersecurity laws that apply to an entity based on the entity's business model(s) and data collection model(s). For example, what is the applicable Securities and Exchange Commission (SEC) cybersecurity law if an entity provides an alternate trading platform (ATP) with a daily trading volume of 50,000? The authors combine years of technical and legal experience in providing a map for cybersecurity counseling based on an understanding of the CISO's technical cybersecurity issues and how they fit into today's cybersecurity law challenges. The authors explain the difference and overlap between privacy law, cybersecurity law, and cybersecurity. Those interested in speaking the same cybersecurity language as a Chief Information Security Officer (CISO) will benefit. The first chapter provides a review of cybersecurity. For example, key to any discussion on cybersecurity is the Confidentiality, Integrity, and Availability (CIA) of data. Learn how to implement policy-based "reasonable security measures" frameworks for your organization that form a legal defense to cybersecurity-based actions brought by U.S. agencies such as the Federal Trade Commission (FTC) and state Attorney Generals. A high-level discussion of the National Institute of Science and Technology (NIST) cybersecurity frameworks is included as well as data breach laws, ransomware, anti-hacking related laws and some international issues.