Understand key aspects of incident response and the legal, contractual, and reputational risks of a data breach.
The headlines are awash with news about new cybersecurity incidents affecting every economic sector, and organizations large and small. While not every data security incident is newsworthy, every incident requires a response. What seems like an insignificant incident could be just the beginning of a major data breach. This topic will offer you an overview of current and emerging cyber threats and the evolving legal landscape. You will also hear about practical tactics for incident readiness, including the importance of building an incident response team and organizational culture. Next, the material will cover key aspects of incident response and the legal, contractual, and reputational risks of a mismanaged response, based on lessons learned from infamous incidents. Then, the information will review how to document lessons learned by identifying and remediating gaps in incident response policies and procedures.
Agenda
Cybersecurity Threats: What’s New and Evolving
- Ransomware
- Remote Working
- Nation-State Actors
Data Security Basics
The Cybersecurity Incident Legal Landscape - What’s New
Updating Your Cybersecurity Incident Response Playbook
- The Information Security and Legal Team Alliance
- Key Elements of Incident Response Policies and Procedures
- Vendor Assessment, Contracting, and Management
- The Role and Value of Industry Frameworks
Incident Readiness: Preparing for the Inevitable?
- Incident vs. Breach
- Assembling the Team
- The Role and Value of a Table-Top Exercise
Incident Response
- Legal Privilege
- Documenting the Response
- Knowing Who, When, and How to Notify
- Ransomware: To Pay or Not to Pay, That Is the Question
Lessons Learned
- Incident Response Log and Recordkeeping
- Policy and Procedure Refresh
Speakers
Gicel Tomimbang,
Squire Patton Boggs- Counsels private-sector and government clients on consumer protection issues, data privacy, cybersecurity readiness and incident response
- Assists clients with developing strategy and responding to legal and regulatory inquiries and investigations related to privacy and cybersecurity
- Certified by the International Association of Privacy Professionals as a Certified Information Privacy Professional (CIPP-US, CIPP-E), Certified Information Privacy Manager (CIPM) and Fellow of Information Privacy (FIP)
Julia B. Jacobson,
Arent Fox LLP- Partner in the Boston office of Arent Fox LLP
- Practice focuses on privacy, data protection and advertising and marketing compliance for businesses of all sizes
- Conducts regular seminars and workshops on privacy and data protection compliance
- LL.M. and J.D. degree, Boston University; certified by the International Association of Privacy Professionals as a Certified Information Privacy Practitioner (CIPP-US), Certified Information Privacy Manager (CIPM) and Fellow of Information Privacy (FIP)
- Can be contacted at 617-973-6297 or Julia.jacobson@arentfox.com
Who Should Attend
This program is primarily designed for attorneys. Other legal professionals may also benefit from attending..