This post was also written by David Z. Smith and Carolyn H. Rosenberg.

In the wake of its massive data breach, Target now faces a shareholder derivative lawsuit, filed January 29, 2014. The suit alleges that Target’s board members and directors breached their fiduciary duties to the company by ignoring warning signs that such

This post was written by Amy S. Mushahwar and J. Andrew Moss.

If your team is in the process of negotiating and purchasing security and data privacy event liability insurance (“cyberliability” coverage), think carefully before signing any technical due diligence representations or warranties that are typically requested in connection with the insurance application. Oftentimes,

This post was also written by Diane Bettino.

Nearly every state in the U.S. has a statute requiring notifications upon discovery of a data security breach.  Most of these laws do not mandate notification to any state authority. T hose few state laws that compel governmental notice are usually satisfied with contemporaneous notice, or