Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.

Cybersecurity Law

Resource Center / Topic Pages / Cybersecurity Law

Image

Cybersecurity Law

TOPIC PAGE

Navigate by Topic

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to cybersecurity law. The IAPP additionally hosts a topic page for Privacy Tech and Privacy by Design resources.

Cybersecurity Law Center
With cybersecurity law and policy becoming a distinct discipline integral to organizations’ legal compliance, data governance and risk mitigation strategies, the IAPP presents the Cybersecurity Law Center to address the need for deeper understanding and wider engagement. The Cybersecurity Law Center provides networking, education, resources and workshop opportunities for lawyers and nonlawyers alike.
View here

Featured Resources

Back to top

BOOK

Cybersecurity Law Fundamentals

“Cybersecurity Law Fundamentals” serves cybersecurity practitioners looking for a refresher and also guiding generalists and newcomers to the field.
Read More

PODCAST

Top trends in cybersecurity

This episode discusses the top trends in cybersecurity law and policy with data security experts James Dempsey and John Carlin.
Read More

ARTICLE

Major trends in US cybersecurity law and policy

This article discusses the onslaught of recent U.S. laws, regulations, class-action lawsuits and enforcement actions.
Read More

ARTICLE

Managing third-party risks under EU data protection, cybersecurity laws

This article discusses managing third-party risks, identified as among the most significant cybersecurity and legal threats to organizations.
Read More

ARTICLE

FTC adds right to delete to cybersecurity settlement

This article details the FTC’s first “right to be forgotten” requirement in a cybersecurity enforcement action.
Read More

VIDEO

Cybersecurity: Heightened Legal Risk Requires New Expertise

This LinkedIn Live discusses cybersecurity law and policy developments in the U.S., ranging from updates on ransomware, to the latest on SEC disclosure rules, state legislation and lessons from recent regulatory enforcement actions.
Read More

Back to Top

Back to top

Back to Top

Breach notification and incident reporting

Incident and Breach Management

TOPIC PAGE

Adverse event reporting and preparing for the next wave of privacy litigation

ARTICLE

AI incident response plans: Not just for security anymore

ARTICLE

SEC adopts rules to update cybersecurity incident reporting

BLURB

ANPD publishes new security incident reporting form

ARTICLE

Reporting cyber incident requirements in some Latin American jurisdictions

ARTICLE

FTC signals expanded breach notice obligations

ARTICLE

Is the EDPB’s ‘targeted update’ to data breach reporting guidance a ‘mini-budget’ moment for GDPR regulation?

ARTICLE

Cyber Incident Reporting Simplified with Privacy Best Practices

WEB CONFERENCE

An inside look at law enforcement response to cyberattacks

ARTICLE

What the world of sports teaches us about incident preparedness and response

ARTICLE

Future-Proof Compliance with Breach Notification Regulations

WEB CONFERENCE

State Data Breach Notification Chart

TOOL

Comparing EU regulatory norms with incident reporting obligations

ARTICLE

How to evaluate your privacy-incident response program

ARTICLE

How to operate under Canada’s new breach notification landscape

ARTICLE

How to accelerate breach-notification timeframes

ARTICLE

Benchmarking for GDPR: How often are orgs reporting data breaches to authorities and subjects?

ARTICLE

72 hours and counting: Do’s and don’ts of incident response

ARTICLE

How often do notification exceptions apply? We look to the data

ARTICLE

Some Privacy Practices May Result in Under-Reporting of Breach Incidents

WHITE PAPER

Benchmarking your Privacy Incident Management Program – Article Series

ARTICLE SERIES

Back to top

Back to Top

Breach litigation and private right of action

Private Rights of Action in US Privacy Legislation

RESOURCE ARTICLE

Enacted Federal Statutes with PRA

CHART

Reporting cyber incident requirements in some Latin American jurisdictions

ARTICLE

Third circuit shows how to establish standing in data breach cases

ARTICLE

US courts mixed on letting data breach suits go forward

ARTICLE

Data Breach: Mitigating Risks in an Ever-Changing Landscape

VIDEO

CCPA litigation: Shaping the contours of the private right of action

ARTICLE

Encryption’s impact on potential liability under CCPA

ARTICLE

Back to top

Back to Top

Enforcement of cybersecurity practices

Enforcement

TOPIC PAGE

Cybersecurity and the cloud: Lessons from FCC cloud breach enforcement

ARTICLE

Biased AI systems face the music: Analyzing the FTC’s Rite Aid enforcement

ARTICLE

California privacy agency lays out vision for cybersecurity regulation

ARTICLE

Managing Data Breach Liability & Exposure

WEB CONFERENCE

State Attorneys General on privacy, cybersecurity, enforcement and legislation

ARTICLE SERIES

FTC Cases and Proceedings

GUIDANCE

Keynote: Lina Khan, Chair of the Federal Trade Commission (IAPP Global Privacy Summit 2022)

VIDEO

Hidden privacy lessons in the FTC’s CafePress security enforcement

ARTICLE

FTC Chair Lina Khan opens up on tech enforcement

ARTICLE

Mass. attorney general stands up Data Privacy, Security Division

ARTICLE

FTC-Facebook vs. largest global privacy and security fines

INFOGRAPHIC

IAPP Guide to FTC Privacy Enforcement

WHITE PAPER

Back to top