Careers

Diversity, Equity & Inclusion

Experience

Innovation

Interactive Maps

Locations

About

Pages

Meet our team of innovators
Ask us how we do it

Professionals

Insights

Services

Thompson Hine LLP, a full-service business law firm with approximately 400 lawyers in 8 offices, was ranked number 1 in the category “Most innovative North American law firms: New working models” by The Financial Times and was 1 of 7 firms shortlisted for The American Lawyer’s inaugural Legal Services Innovation Award. The firm has been recognized by the National Law Journal as a Legal Technology Trailblazer and featured by Bloomberg for its innovative service delivery models, which drive accuracy and predictability. The firm’s commitment to innovation is embodied in Thompson Hine SmartPaTHTM – a smarter way to work – predictable, efficient and aligned with client goals. For more information, please visit ThompsonHine.com and ThompsonHine.com/SmartPaTH.

Home | Thompson Hine LLP

Atlanta

Chicago

Cincinnati

Cleveland

Columbus

Dayton

Los Angeles

Minneapolis

New York

Washington, D.C.

Steven G. Stransky (Thompson Hine) and Lacy Rex (Oswald Companies) recently published on Law360 an article, “Preparing For New Mandatory Cyber Reporting Rules,” which can be accessed in full <a href="https://admin.thompsonhine.com/wp-content/uploads/2022/08/Law360_-_Preparing_For_New_Mandatory_Cyber_Reporting_Rules.pdf">here</a>.

contentpilot/introduction

On March 15, 2022, The Cybersecurity Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) was signed into law, and mandates that certain entities notify federal authorities within 72 hours of being subject to a cyber incident and within 24 hours after making certain types of ransomware payments. While the Cybersecurity and Infrastructure Security Agency (CISA) works on implementing regulations per the legislation, businesses should begin assessing whether their incident response plans (IRP) align with the law’s key provisions. This article summarizes CIRCIA’s most burdensome obligations and provides guidance on the initiatives that businesses can incorporate into their IRPs to comply with the law and minimize their cybersecurity risk.

core/paragraph

The article was published by Law360, a legal news service that delivers newsletters to more than 2 million daily readers’ inboxes covering over 60 practice areas and industries.

<a href="https://www.thompsonhine.com/professionals/stransky-steven" target="_self" rel="noopener">Steven G. Stransky</a>&nbsp;is a partner and co-chair of Thompson Hine’s Privacy &amp; Cybersecurity group. He is also an adjunct law professor at Frederick K. Cox International Law Center at Case Western Reserve University School of Law, where he teaches courses on foreign affairs, national security and constitutional war powers.

<a href="https://www.oswaldcompanies.com/leadership/lacy-rex/?msclkid=9cc75a19aaa411ecb60e2abd131febbd" target="_self" rel="noopener">Lacy Rex</a> is Vice President, Cyber Strategic Leader at Oswald Companies and has over 13 years of experience in the insurance industry, and concentrates on executive risk coverages. She focuses on cyber liability and technology errors and omissions liability lines of coverage. She works closely with carriers to draft policy enhancements and frequently speaks and blogs about cyber liability topics.

<a href="https://www.thompsonhine.com/professionals/stransky-steven" target="_self" rel="noopener">Steven G. Stransky</a>

https://admin.thompsonhine.com/wp-content/uploads/2022/08/Law360_-_Preparing_For_New_Mandatory_Cyber_Reporting_Rules.pdf