The legal issues regarding data security get more complicated when you consider that 47 states currently require relatively swift investigation and reporting to individuals when a cyberintrusion is detected. It is pretty obvious that the lawyers representing companies need to understand these state reporting requirements. Congress is considering a federal law to create uniformity.
Hardly a day goes by without a headline about a cyberintrusion. No entity is immune — international retailers, airlines, hotels, mom and pop stores, cloud providers — even the U.S. government. However, it seems that few businesses contemplate how important it is for their attorney to know and understand cybersecurity, as well as know what to do when a cyberintrusion occurs.
The U.S. government — itself a cybervictim — provides the guidance we have been waiting for. The Cybersecurity Unit, part of the Computer Crime & Intellectual Property Section (CCIPS) within the Department of Justice Criminal Division, earlier this year issued its Best Practices for Victim Response and Reporting of Cyber Incidents.
Related Insights
January 13, 2026
Foley Career Perspectives
Foley Attorneys Deepen Boys & Girls Clubs of America Partnership
As the first and only law firm to partner with BGCA on a national scale, Foley supports the organization's youth leadership development strategy through programs and initiatives that open doors for the next generation to thrive.
January 12, 2026
Energy Current
Ninth Circuit Hears Oral Argument in Challenge to California Climate Disclosure Laws SB 261 and SB 253; No Ruling Yet
On January 9, 2026, a three-judge panel for the U.S. Court of Appeals for the Ninth Circuit heard oral argument in a challenge to…
January 12, 2026
Labor & Employment Law Perspectives
Cannabis and Employment Law: The Year Ahead in 2026
As we move into 2026, legal frameworks surrounding cannabis continue to evolve across the jurisdictions in ways that can directly or…