Subscription Center  

News

In a December 16, 2013 article, Inside Cybersecurity quoted Venable partner Jamie Barnett on the first cybersecurity framework, which the federal government is set to release before its February 2014 deadline. As the National Institute of Standards and Technology works to complete the voluntary framework, many law firms are advising clients to comply with the guide to avoid potential liabilities.

Some firms warn that the framework could become a “standard of care” by which companies would be held accountable for cyber-related damages depending on the circumstances. Barnett said that, as a legal definition, a standard of care can take some time to develop, and the framework may very well be headed in that direction. “If it raises what people see as reasonable security, and you're not meeting that standard of care, then there may be liability.”

And though a standard of care may not transpire immediately, Barnett explained that insurance companies might rush to require clients to follow the framework or pay higher premiums if they want cybersecurity insurance.

He concluded, saying the framework “is serious. It does change things.”