The recent cases of FTC v. Wyndham and In Re TerraComm and YourTel America, we have seen that federal government agencies are pursuing companies who have negligent cybersecurity standards — and the government is winning.
In fact, the government need not point to specific statutory violations to win these cybersecurity cases — meaning, a company does NOT have to violate the FTC Act or the FCC regulations — to be found negligent. It is simply a common law negligence standard.
This September 2015 article from the Palm Beach Bar Bulletin, The Government Can Sue Your Company for Negligent Cybersecurity, explains the recent cases and provides an overview of some of the new standards for cyber-negligence.
Our prior post, regarding the 20 different federal agency standards on cybersecurity, may also be of interest, here.
Photo source / credit: http://www.collectionscreditrisk.com/news/ccr_creditcard/ftc-closes-illegal-credit-card-interest-rate-case-3021981-1.html