Any organization that’s been the victim of a cyber attack has a host of stakeholders to deal with, not the least of which is the applicable regulatory authority, either state or federal. Any businesses hoping that the Federal Trade Commission (FTC) would lose some of its authority in pursuing companies following cyber breaches have been sent a clear signal by an appeals court. It’s not going to happen—at least for now.

In a recent ruling on FTC v. Wyndham Worldwide Corp., the U.S. Court of Appeals for the Third Circuit also has given the go-ahead on a lawsuit against Wyndham.

Lisa Sotto, an attorney at Hunton & Williams who also chairs the U.S. Department of Homeland Security’s Data Privacy and Integrity Advisory Committee explained that “Companies need to have “reasonable safeguards in place.” Since the series of high-profile breaches starting with the Target breach in 2013, companies have to be ready and prepared for breaches, she said. “Companies really have awakened from their slumber.”

Recommended For You

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Rosalie Donlon

Rosalie Donlon is the editor in chief of ALM's insurance and tax publications, including NU Property & Casualty magazine and NU PropertyCasualty360.com. You can contact her at [email protected].