Skip to Main Content


August 2018
Cybersecurity Law & Strategy

Five Takeaways from Recent Cybersecurity Developments by Colorado and the SEC

This article appeared in Cybersecurity Law & Strategy (August 2018), an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. 

Colorado recently adopted a new law expanding companies’ obligations in the event of a cybersecurity incident, and establishing new data security and disposal obligations. Recent announcements by the SEC likewise emphasize important responsive points for both companies and their personnel in the wake of an incident. Five key takeaways from these developments are highlighted below. In brief, proactively updating company policies, remediation plans, and disclosure and trading practices before a cybersecurity incident arises can go a long way towards efficiently working through a situation when it arises.

To read the full article, click here (subscription required).

Brian Neil Hoffman is of counsel with Holland & Hart LLP. A former SEC enforcement attorney, Brian defends clients in government and SRO investigations and litigates shareholder disputes.


Unless you are a current client of Holland & Hart LLP, please do not send any confidential information by email. If you are not a current client and send an email to an individual at Holland & Hart LLP, you acknowledge that we have no obligation to maintain the confidentiality of any information you submit to us, unless we have already agreed to represent you or we later agree to do so. Thus, we may represent a party adverse to you, even if the information you submit to us could be used against you in a matter, and even if you submitted it in a good faith effort to retain us.