Law Commons^™

Understanding Cyber Risk: Unpacking And Responding To Cyber Threats Facing The Public And Private Sectors, Lawrence J. Trautman, Scott Shackelford, Brian Elzweig, Peter Ormerod

University of Miami Law Review

Cyberattacks, data breaches, and ransomware continue to pose major threats to businesses, governments, and health and educational institutions worldwide. Ongoing successful instances of cybercrime involve sophisticated attacks from diverse sources such as organized crime syndicates, actors engaged in industrial espionage, nation-states, and even lone wolf actors having relatively few resources. Technological innovation continues to outpace the ability of U.S. law to keep pace, though other jurisdictions including the European Union have been more proactive. Nation-state and international criminal group ransomware attacks continue; Sony’s systems were hacked by a ransomware group; MGM Resorts disclosed that recovery from their September 2023 hack …

Small Business Cybersecurity: A Loophole To Consumer Data, Matthew R. Espinosa

The Scholar: St. Mary's Law Review on Race and Social Justice

Small businesses and small minority owned businesses are vital to our nation’s economy; therefore legislation, regulation, and policy has been created in order to assist them in overcoming their economic stability issues and ensure they continue to serve the communities that rely on them. However, there is not a focus on regulating nor assisting small businesses to ensure their cybersecurity standards are up to par despite them increasingly becoming a victim of cyberattacks that yield high consequences. The external oversight and assistance is necessary for small businesses due to their lack of knowledge in implementing effective cybersecurity policies, the fiscal …

A New Frontier Facing Attorneys And Paralegals: The Promise & Challenges Of Artificial Intelligence As Applied To Law & Legal Decision-Making, Marissa Moran

Publications and Research

Artificial Intelligence/AI invisibly navigates and informs our lives today and may also be used to determine a client’s legal fate. Through executive order, statements by a U.S. Supreme Court justice and a Congressional Commission on AI, all three branches of the United States government have addressed the use of AI to resolve societal and legal matters. Pursuant to the American Bar Association Model Rules of Professional Conduct[i] and New York Rules of Professional Conduct (NYRPC), [ii] the legal profession recognizes the need for competency in technology which requires both substantive knowledge of law and competent use of technology for …

Cybersecurity Stovepiping, David Thaw

Articles

Most readers of this Article probably have encountered – and been frustrated by – password complexity requirements. Such requirements have become a mainstream part of contemporary culture: "the more complex your password is, the more secure you are, right?" So the cybersecurity experts tell us… and policymakers have accepted this "expertise" and even adopted such requirements into law and regulation.

This Article asks two questions. First, do complex passwords actually achieve the goals many experts claim? Does using the password "Tr0ub4dor&3" or the passphrase "correcthorsebatterystaple" actually protect your account? Second, if not, then why did such requirements become so widespread? …

Data Breach (Regulatory) Effects, David Thaw

Articles

No abstract provided.

Cloud Computing Providers And Data Security Law: Building Trust With United States Companies, Jared A. Harshbarger Esq.

Jared A. Harshbarger

Cloud computing and software-as-a-service (SaaS) models are revolutionizing the information technology industry. As these services become more prevalent, data security and privacy concerns will also rise among consumers and the companies who consider using them. Cloud computing providers must establish a sufficient level of trust with their potential customers in order to ease initial fears - and ensure certain compliance obligations will be met - at least to the extent that any such inquiring customer will feel comfortable enough to ultimately take the irreversible step of releasing their sensitive data and personal information into the cloud.