Cybersecurity is more important now than ever, as most private, confidential, and proprietary information is stored and transmitted electronically. Consumers, businesses, governments, and individuals all rely on regulators and law enforcement to prevent and prosecute cybercriminals. Unfortunately, there is currently no federal statute that explicitly protects cybersecurity whistleblowers from retaliation. However, there are several statutes that may provide cybersecurity whistleblowers with a basis for actionable retaliation claims, depending on the specific circumstances and facts of the case.
In her article, Ms. Robb discusses which laws may be applicable depending on whether a cybersecurity whistleblower is an employee of a public company, private bank, government contractor, or the federal government. She also addresses what a whistleblower must do to be legally protected from retaliation. Among other laws, Ms. Robb analyzes the Sarbanes-Oxley Act of 2002, the Dodd-Frank Act of 2010, the Financial Institutions Reform Recovery and Enforcement Act of 1989, and the Whistleblower Protection Act.
Protecting individuals who report unaddressed cybersecurity weaknesses and breaches is critical to ensuring the safe and secure functioning of government and nearly every industry.
Read the full article here.