Guide for Cybersecurity Whistleblowers
Whistleblower lawyer Dallas Hammer has published a Practitioner’s Guide to Cybersecurity Whistleblowing. The guide can be downloaded here. The guide summarizes rewards and protections for cybersecurity whistleblowers under a variety of federal and state laws, including the whistleblower protection provisions of the Sarbanes-Oxley Act.
Cybersecurity Whistleblower Lawyers
Whistleblower firm Zuckerman Law represents cybersecurity whistleblowers nationally. Prior representations include a CIO at a multi-national company, a CISO at a bank, an internal auditor, and advising executives and IT professionals in a range of employment issues implicating cybersecurity. Dallas Hammer is a leading cybersecurity whistleblower attorney and has written and lectured extensively on this topic. His publications include:
- The Rise of Cybersecurity Whistleblowing, NYU Law Compliance & Enforcement Blog (December 2016)
- Cybersecurity Whistleblowing: What Employees at Public
Companies Should Know Before Reporting Information Security Concerns, ISSA Journal (June 2016)
Corporate Crime Reporter interviewed Mr. Hammer about cybersecurity whistleblowing. A summary of the interview is available online at Dallas Hammer on the Rise of Cybersecurity Whistleblowing. Mr. Hammer is routinely interviewed by reporters about whistleblower rewards and protections.
The guide surveys recent cybersecurity legal developments, with a focus on rewards and protections for cybersecurity whistleblowers. Topics covered include:
- The SEC’s role regulating the cybersecurity of publicly-traded corporations, including the “safeguards rule” designed to ensure that registered broker-dealers, investment companies, and investment advisers have policies and procedures reasonably designed to protect customers’ sensitive information
- SEC rules requiring disclosure of cybersecurity risks, including Regulation SK Item 503, and SEC Rule 10b-5.
- The duty to disclose cybersecurity issues that materially affect the corporation’s financial condition and the duty to disclose material weaknesses in its internal controls related to information security.
- The roles of the U.S. Consumer Financial Protection Bureau and U.S. Federal Trade Commission in cybersecurity regulation.
- Increasing state regulation of cybersecurity, including state laws mandating disclosures of security breaches.
- Sarbanes-Oxley whistleblower protection for disclosures about cybersecurity.
- Whistleblower protection under the False Claims Act and National Defense Authorization Act.
- SEC whistleblower rewards under the Dodd-Frank SEC Whistleblower Program.
Qualifying for a SEC Whistleblower Award