The legal issues regarding data security get more complicated when you consider that 47 states currently require relatively swift investigation and reporting to individuals when a cyberintrusion is detected. It is pretty obvious that the lawyers representing companies need to understand these state reporting requirements. Congress is considering a federal law to create uniformity.
Hardly a day goes by without a headline about a cyberintrusion. No entity is immune — international retailers, airlines, hotels, mom and pop stores, cloud providers — even the U.S. government. However, it seems that few businesses contemplate how important it is for their attorney to know and understand cybersecurity, as well as know what to do when a cyberintrusion occurs.
The U.S. government — itself a cybervictim — provides the guidance we have been waiting for. The Cybersecurity Unit, part of the Computer Crime & Intellectual Property Section (CCIPS) within the Department of Justice Criminal Division, earlier this year issued its Best Practices for Victim Response and Reporting of Cyber Incidents.
Related Insights
January 9, 2026
Labor & Employment Law Perspectives
Navigating Workplace AI When Federal, State Policies Clash
January 9, 2026
Foley Viewpoints
Legal Risks Associated With Accelerated Investment Opportunities in Venezuela
January 9, 2026
Manufacturing Industry Advisor
Foley Automotive Update
Foley is here to help you through all aspects of rethinking your long-term business strategies, investments, partnerships, and technology. Contact the authors, your Foley relationship partner, or our Automotive Team to discuss and learn more.