Published on:

Meetup on Lessons Learned from the Equifax Data Breach

SVLG Shareholder Stephen Wu will host a conference call program on the recent Equifax data breach on October 25, 2017 at 10 am Pacific/1 pm Eastern. While the Equifax is not the largest ever in terms of the total number of records affected, by some estimates, it affected about half of the population in the United States. With a breach that large, legislators and regulators are considering what new policies may help to prevent future large-scale breaches.

For businesses that create, receive, maintain, and transmit personal data, the Equifax breach raises the question of what changes are necessary to keep up with evolving data security threats. According to news reports, the breach occurred because of a failure in patch management — a failure to implement a publicly available patch to a known security vulnerability for a period of months. Are there emerging threats that warrant changes in patch management practices? Or did the Equifax breach occur because of the company’s failure to take care of the basic patch management steps. We will explore these questions in this program.

The program will generally explore the technical and legal ramifications of the breach.  What are the prospects for liability? What compliance challenges does the breach highlight? Are there changes in documented practice and procedure that the breach would suggest?

Finally, the Equifax breach raises issue beyond simply the handling of sensitive personally identifiable information. Patch management will be a crucial aspect of securing the Internet of Things. Updating software will also be an issue for driverless cars, robots, medical devices, and other network-connected devices. Accordingly, the program will cover what the Equifax breach says about securing IoT devices, autonomous vehicles, medical devices, and other networked devices.   We will discuss potential liability for companies manufacturing these devices.

This Meetup is a program of the American Bar Association Section of Science & Technology Law and the Santa Clara County Bar Association. In addition, to Mr. Wu, the program will include Steven Teppler of the Abbott Law Group and David Sun of Sunblock Systems as panelists.

Click here for more information about the program. A dial-in will appear in the comment section of the Meetup page for this program no later than the night before the talk. Please contact Stephen Wu if you have questions about the program.  For more information about preventing and responding to data breaches, please refer to our online guide.