Breach notification laws have been a major driver of data protection efforts in U.S. organizations for more than a decade. This form of disclosure-based regulation exists in 47 of 50 U.S. states, as well as four other U.S. jurisdictions, but has yet to be adopted as a law of general applicability at the federal level. This Essay considers the effects the structure of existing disclosure-based cybersecurity regulation has on the efficacy of U.S. firms’ cybersecurity measures. Drawing on previous empirical work and analysis of firm incentives, it suggests two modest conclusions about the most efficacious legal structures: (1) that any disclosurebased regulation should be part of a broader cybersecurity regulatory framework and (2) that any ri...
In today’s technologically dependent world, concerns about cybersecurity, data breaches, and comprom...
As the reported number of data breaches increase and senators push for more disclosure regulation, t...
We investigate consumer and firm responses to information privacy and security factors across three ...
Breach notification laws have been a major driver of data protection efforts in U.S. organizations f...
In recent times the breach of security systems or cyber-attacks leading to unauthorized acquisitions...
This paper documents the reporting to the SEC of 197 major incidents of cybersecurity breaches among...
Cybersecurity regulation presents an interesting quandary where, because private entities possess th...
(Excerpt) This Note argues that a strict federal data breach notification law would not only appease...
The compromise of personal data has been a major concern across most organizations after the introdu...
This study investigates whether cyber risk has an impact on corporate governance. Specifically, it s...
Current scholarly understanding of information security regulation in the United States is limited. ...
In response to evolving cybersecurity challenges, global spending on information security has grown ...
With the looming threat of the next hacking scandal, data protection efforts in law firms are becomi...
This article investigates the adequateness of data breach notification laws and the possible impact ...
The law increasingly requires private companies to disclose information for the benefit of consumers...
In today’s technologically dependent world, concerns about cybersecurity, data breaches, and comprom...
As the reported number of data breaches increase and senators push for more disclosure regulation, t...
We investigate consumer and firm responses to information privacy and security factors across three ...
Breach notification laws have been a major driver of data protection efforts in U.S. organizations f...
In recent times the breach of security systems or cyber-attacks leading to unauthorized acquisitions...
This paper documents the reporting to the SEC of 197 major incidents of cybersecurity breaches among...
Cybersecurity regulation presents an interesting quandary where, because private entities possess th...
(Excerpt) This Note argues that a strict federal data breach notification law would not only appease...
The compromise of personal data has been a major concern across most organizations after the introdu...
This study investigates whether cyber risk has an impact on corporate governance. Specifically, it s...
Current scholarly understanding of information security regulation in the United States is limited. ...
In response to evolving cybersecurity challenges, global spending on information security has grown ...
With the looming threat of the next hacking scandal, data protection efforts in law firms are becomi...
This article investigates the adequateness of data breach notification laws and the possible impact ...
The law increasingly requires private companies to disclose information for the benefit of consumers...
In today’s technologically dependent world, concerns about cybersecurity, data breaches, and comprom...
As the reported number of data breaches increase and senators push for more disclosure regulation, t...
We investigate consumer and firm responses to information privacy and security factors across three ...