Wednesday, August 31, 2016

Data Breach Liabilities: Not Just an IT Problem

On 29 August 2016, Wapack Labs identified the growing concern for clarification and understanding of state and federal legislation and regulatory control regarding company data breaches.  The U.S. Congress passed the Cybersecurity Information Sharing Act (CISA) and was signed into law by the President in December 2015. This is a good step to help guide private information notifications in the event of a breach.  But many states have outdated, and at times, ambiguous statues and regulations regarding cyber security; especially how and when to notify data breach victims.  This creates both potential government civil liabilities for companies of all sizes.  Data breaches are no longer an IT problem, but a company-wide concern.  We are providing this information for your situational awareness.

Publication date:                           30 August 2016

Handling requirements:               Traffic light protocol (TLP) GREEN

Attribution/Threat Actors:           Data Breaches – legislation/regulations  

Actor Type:                                    All Tier levels      

Potential Targets:                           USA

Past Reporting:                               Msg #7859

The full attribution report has been published in its entirety in the Red Sky Alliance portal.  For more information please contact the lab directly at 844-4-WAPACK, 603-606-1246, or

About Wapack Labs

Wapack Labs, located in New Boston, NH is a Cyber Threat Analysis and Intelligence organization supporting the Red Sky Alliance, the FS-ISAC and individual organizations by offering expert level targeted intelligence analysis answering some of the hardest questions in Cyber.  Wapack Labs’ engineers, researchers and analysts use deep analysis techniques and visualization to design and deliver transformational cyber-security analysis tools that fuse open source and proprietary information.  The intelligence derived from these tools and techniques serve as the foundation of Wapack Labs’ information reporting to the cyber-security teams of its customers and industry partners located around the world.