Focus on Asia
Mitigating Risk to Business Data in China and Across Asia Pacific
Cybersecurity has been soaring up the corporate and political agenda as companies and regulators become increasingly sensitive to business and reputational risks. All companies are now targets for hacking, ransomware attacks and theft of sensitive business and consumer information. Partners Scott Flicker and Robert Silvers share their insights on how companies can mitigate their risk and ensure they are prepared to respond swiftly and effectively, should a data breach occur.
Aligning with Sharper Regulatory Scrutiny
“Companies face a pressing need to ensure that their business strategies align with sharper regulatory scrutiny. Around the world, governments are racing to enact new regimes to regulate in the areas of cybersecurity and data protection. Some of these efforts are wide-ranging and could impose significant burdens and impacts on businesses operating in the affected regions.
"Regulatory impacts on data stores can be indirect and come from unexpected corners. In its latest annual report, the U.S. Committee on Foreign Investment (CFIUS) for the first time explicitly identified ‘pools of data’ as being of potential national security concern. CFIUS reform legislation recently introduced in both houses of Congress also calls out protection of sensitive categories of data as justifying potential barriers to cross-border investment based on national security concerns. On the other side of the globe, Chinese regulators will be requiring international companies to onshore certain types of data as a condition of gaining market access.
"Cybersecurity is also having far-reaching consequences on regulatory interactions as concerns about the security of holding or transmitting data increase. Governments are paying more attention to companies’ cybersecurity protection measures, often demanding increased investment and commitments in data security as a condition to winning required approvals for deals and other commercial activity.”
Partner, Investigations & White Collar Defense and Global Trade Controls Practices Washington, D.C.
Taking on the New Cyber Threat Landscape
“Drawing on my experience as the former U.S. Assistant Secretary of Homeland Security for Cyber Policy during the Obama Administration, I advise global companies on how to mitigate potential risks, from avoiding hacks of personal information and ransomware to preventing the theft of sensitive technology. Companies need to constantly undertake cyber assessments and reevaluate whether they have procedures and governance in place to meet the threat, and to meet regulatory expectations as well.
"The first 72 hours after an incident are critical for managing a crisis. Internal stakeholders need to be as prepared as possible to minimize the reputational and financial consequences, as well as secondary consequences such as regulatory fines and disruption of deal flow.”
Partner, Investigations & White Collar Defense and Privacy & Cybersecurity Practices Washington, D.C.