Thursday 4 March 2021

New Book: Cybersecurity Law: An Evolving Field

In December of 2020, my coauthor, Jack Hobaugh, and I published teaching materials in a casebook concerning Cybersecurity Law with West Academic Publishing [available, here].  I will likely include additional cybersecurity and privacy material as part of the content of the IP Finance blog because of the growing importance of that area of law as demonstrated, in part, by the recent U.S. Government Accounting Office Report discussed below.  Here is a short description of the book:

Cybersecurity Law: An Evolving Field is a casebook that covers the duties of a cybersecurity professional, state and federal regulation, risk assessment and the NIST Risk Assessment Frameworks, common law and statutory causes of action concerning data breach, laws related to anti-hacking, problems concerning the Internet of Things and selected international issues. This text is for law students and counsel who want to understand the connections between cybersecurity laws and cybersecurity requirements, and advise clients concerning cybersecurity related issues. In part, it seeks to bridge the communication gap between the legal department and the cybersecurity team.

In addition, here are some reviews of the book:

“Jack Hobaugh and Michael Mireles have created a masterful work addressing the laws on cybersecurity and data privacy litigation. The casebook is an incredibly comprehensive treatment of these subjects and is an essential resource for students, cyber professionals and lawyers who practice in this area or who seek a basic understanding of the law and issues in these emerging areas. The book is well written and addresses with clarity the hot topics of today and for years to come. I keep the book within arm’s reach as it has become essential in my legal practice as a privacy advocate.”
—John A. Yanchunis, Head of Class Action Department, Morgan & Morgan

Cybersecurity Law: An Evolving Field is a terrific casebook that provides a comprehensive understanding of cybersecurity law. Cybersecurity law is a diverse and fragmented body of law, but the casebook pulls everything together in a clear and well-organized way. The casebook includes background about cybersecurity frameworks, and its focus and approach is practical and wide-ranging. This book also serves as a highly-useful resource on the topic, as it includes a large array of materials with extensive background sections and insightful notes.”
—Daniel J. Solove, John Marshall Harlan Research Professor of Law, George Washington University Law School

The Government Accounting Office of the United States has released its High Risk Series Report on March 2, 2021, which reviews areas of and subjects concerning the U.S. Government needing leadership to address series problems.  The Report points to cybersecurity as a serious concern and notes that there has been a “regression” in cybersecurity in the U.S. Government since 2019.  The Report states: “This regression is due to missing (1) important characteristics of a national strategy in the White House’s September 2018 National Cyber Strategy and the National Security Council’s accompanying June 2019 Implementation Plan and (2) an officially appointed central leader for coordinating the execution of the White House’s approach to managing the nation’s cybersecurity.”  Moreover, the Report identifies several other issues concerning cybersecurity:

Based on our prior work, we have identified four major cybersecurity challenges:

  • establishing and implementing a comprehensive cybersecurity strategy and performing effective oversight,
  • securing federal systems and information,
  • protecting cyber critical infrastructure, and
  • protecting privacy and sensitive data.


No comments: