Anticipating the Next New Variety of Cybersecurity Litigation

Corporate Compliance Insights

12 Nov 2019

MoFo partners Kristen Mathews, Mark David McPherson, and Janie Schulman authored an article for Corporate Compliance Insights that covers best practices for companies to prevent and defend against cybersecurity whistleblower claims.

“Employees and outsiders have a variety of incentives to raise cybersecurity concerns,” the authors wrote, adding that the consequences of cybersecurity whistleblowing “could prove substantial,” and detailing recent examples of fines and settlements for companies found to be noncompliant.

The authors recommend that companies consider several measures any time it learns of an employee raising cybersecurity concerns about the company’s products, data governance structures or practices, including “thoroughly investigating the concern, considering retaining an independent outside cybersecurity firm, considering revising the audit committee’s procedures for handling confidential complaints, considering revising the company’s incident response plan, and documenting any adverse employment actions carefully.”

They also share tips for companies that fail to avert a whistleblower suit, and note that “in this complex and evolving legal landscape, it will pay off for a company to take special care to navigate these decisions and their potential ramifications safely.”

Visit this link to read the article.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.