KMK Law Cybersecurity & Privacy Blog

We recently presented “Can’t We All Get Along in the Sandbox?” at the 12^th Annual NKU Cybersecurity Symposium, one of the largest cybersecurity symposiums in the Tristate region.  Our presentation focused on a number of topics including:

-  The current cybersecurity landscape.

-  The patchwork framework of state data privacy statutes - including the California Consumer Privacy Act, the Ohio Data Protection Act, and other recently enacted and updated state statutes - and the competing goals and objectives of the respective state frameworks.

-  Proposed national legislation and the tension between State AGs and the federal government regarding potential national standards.

-  The respective roles of federal agencies in cybersecurity.

-  The growing interest and strength of State AGs in cybersecurity and data protection and the potential for uniformity and guidance through State AG enforcement actions and settlements.

-  The tension between international, national, and state rules and statutes which creates some confusion and a “race to the top” mentality in the cybersecurity sandbox. 

At the end of the day, as companies work through conflicting regulations and guidance, we reminded everyone that there are some basic “cyber sandbox rules” that companies of all sizes should be following:

• Put policies in writing
• Train/talk with employees
• Encrypt data and change passwords
• Evaluate BYOD policies
• Limit access to certain data
• Install software updates/patches
• Find business partners/vendors with $$$ to invest
• Talk to your Board, C-Suite about investing in stages
• Listen, learn, read – stay informed!

Please feel free to contact any of the authors if you want a copy of the presentation. For more information on KMK Law's Cybersecurity & Privacy Team, please click here.