Katz, Marshall & Banks partner Alexis Ronickher recently published an article in Security Magazine entitled, "It’s Time to Embrace Cybersecurity Whistleblowers" In the article, Ms. Ronickher and co-author Matthew LaGarde discuss why companies should appreciate cybersecurity whistleblowers instead of fearing them. Cybersecurity whistleblowers serve an important function by highlighting an organization's data security issues. Rather than retaliating against cyber whistleblowers for reporting these issues, companies should embrace these reports and address the problems head-on. Ms. Ronickher notes, "By creating a safe culture for whistleblowers to report internally, organizations can avoid following in the footsteps of Yahoo and becoming the next victim of a high-profile and catastrophic data breach."
Retaliating against cybersecurity whistleblowers can create a host of legal problems. As Ms. Ronickher discusses in the article, cybersecurity whistleblowers can benefit from anti-retaliation protections under the Sarbanes-Oxley Act (SOX), if their employer is publicly traded, and Dodd-Frank Act, as well as many state wrongful termination laws. Cybersecurity whistleblowers may even be eligible for monetary awards under the SEC and CFTC whistleblower rewards programs or by filing a qui tam suit under the False Claims Act. Ms. Ronickher concludes that companies need to encourage internal reporting of cybersecurity problems in order to avoid a host of legal troubles and the long-term costs of a cybersecurity breach.
The full article is available to read with a subscription here. For more information about the current legal protections available for cybersecurity whistleblowers, download a free copy of Ms. Ronickher’s Cybersecurity Whistleblower Protections manual.