Attorneys: Despite FTC endorsement, cyber framework not a shield from enforcement action

Adherence to the federal framework of cybersecurity standards is not enough for organizations to avoid enforcement actions by the Federal Trade Commission, attorneys say, despite the FTC recently issuing guidance urging companies to adopt the cyber framework.

Last month, the FTC published a blog expressing support of the National Institute of Standards and Technology's cybersecurity framework as a tool to help businesses better protect consumer data from cyber attacks.

Aravind Swaminathan, global co-chair of the Orrick law firm's cybersecurity...