Businesses Prepare for Cybersecurity Regulations on Both Sides of Atlantic

In both the U.S. and the U.K., legislative agendas on cybersecurity have sparked dialogue on privacy rights and how corporations can deal with data hacking. In an article in The Times, Kathleen Rice, counsel in Faegre Baker Daniels’ South Bend office, discussed the U.S. Senate’s recent passage of the Cybersecurity Information Sharing Act (CISA), which she called “long overdue” and “a very significant development” in helping businesses deal with data hacks.

“What CISA provides is completely voluntary and will help to institute a culture change in how we deal with hacking,” Rice said. “People have looked for technical solutions, but what we really need is information-sharing so that people can talk to each other to raise awareness of potential threats. CISA provides clear guidance to companies on what is required of them when they do this."

In the U.K., businesses are preparing for EU cybersecurity regulations expected to be released in 2016. Huw Beverley-Smith, partner in FaegreBD’s London office, noted a “mixed response” from businesses on the upcoming regulations, which The Times said “will introduce an obligation to notify cases of personal data breaches” in an effort to “increase transparency and put control of data back in the hands of individuals.”

“Many are ready for it, but others view it as another regulatory hurdle,” Beverley-Smith said.

The complete article is available to subscribers.