In 2012, then Director of the FBI, Robert S. Mueller, III said that “[t]here are only two types of companies: those that have been hacked and those that will be hacked.” It has since become widely accepted that executives and their counsel need to have robust cybersecurity and insider threat programs and practices in place to enable them to effectively respond to a potential incident at a moment’s notice. But what does that look like in practice? In this session, we’ll present a fictitious scenario based on a real-world occurrence in which a company suffered a potentially devastating cyber-attack. We’ll model the interplay of the various stakeholders as they race to identify what records were compromised, who the affected individuals are, and how the resulting damage can be contained. We’ll discuss and model some of the key components of an effective incident response strategy, including:
• How to best assist clients in evaluating a suspected breach or other unusual activity;
• Best practices for organizing and overseeing a cyber investigation;
• Understanding when and how to assert the attorney-client privilege;
• Tips on documenting the investigation and its findings; and
• Assessing who should be involved in all phases of the investigation.
For more information, please visit the event website.