Publications
Publications
- October 2022
- HBS Case Collection
Note on Cyberattacks and Regulatory Regimes
Abstract
Describes common types of cyberattacks on enterprises and their costs, as well as the fragmentary regulatory regimes through which U.S. states and regulatory agencies at the start of 2021 attempted to encourage disclosure of cyberattacks and to pursue enforcement action against negligence in failing to adequately safeguard personally identifiable information (PII), payment card information (PCI), and protected health information (PHI).
Keywords
Regulations; Regulatory Agencies; Cyberattacks; Governance; Corporate Disclosure; Cybersecurity; Information Industry; Information Technology Industry; Health Industry; Financial Services Industry; United States
Citation
Nagle, Frank, George A. Riedel, William R. Kerr, and David Lane. "Note on Cyberattacks and Regulatory Regimes." Harvard Business School Background Note 723-392, October 2022.