SlideShare une entreprise Scribd logo

Data Breach Response is a Team Sport

Quarles & Brady
Quarles & Brady

Background on cyber attacks and cybersecurity programs.

Droit
1  sur  31
Télécharger pour lire hors ligne
Data Breach Response is a Team Sport John Barlament Margaret Utterback
Topics for Today •Background on cyber attacks and cybersecurity programs •Steps to take when handling a data event, incident, or breach • Before • During • After •Potential liability and costs 1
Cyber Attacks on the Rise! 1
Cyber Risk Reality "[T]here are only two types of companies: Those that have been hacked and those that will be. And even they are converging into one category: Companies that have been hacked and will be hacked again." •Robert Mueller, Former director of the FBI, at 2012 RSA Cyber Security Conference 1
Why Should You Prepare? • Every breach is unique • Facts are constantly changing • Investigations are complex • High stakes • Intense pressure • Many stakeholders with different interests and notification requirements • Team fatigue, frustration, defensiveness, denial, etc. • An investigation might not ultimately yield definitive results • Breaches distract a company from its business goals during and after the investigation 1
1 - Ponemon Institute Research Report (2015)
Cyber Incident Pain Points 1 Pain Points Description 1 No established cross-functional incident “commander” to coordinate response A point of contact with the authority to direct incident response across Business Lines has yet to be identified and agreed upon by all parties 2 No cross-organizational considerations or buy-in on incident response plan Absence of an over arching company incident response plan that can be implemented to coordinate corporate and business unit actions 3 No established data classification to guide response activities and determine severity Severity levels regarding key data is undefined. No designation of “Crown Jewels.” 4 Missing processes or “use cases” for responding to high impact scenarios No checklists or considerations / memory jogger resources established for incident management and response; no considerations of “high risk” scenarios 5 Cross-functional response procedures, including contact lists, are unavailable Missing procedures for internal coordination and information sharing across business and geographic areas in order to correlate security incidents; No established/updated contact lists for who to contact during high risk scenarios. 6 Unknown business impact Inability to determine impact from the lens of financial, information, legal, and public perception 7 Undefined event, incident and breach terms Lack of categorization of incidents regarding severity or type 8 No detailed event, incident and breach thresholds Incident response kickoff criteria regarding level of event/incident/breach lacks proper definition (Example: Data breach affecting 1 million or more customers) 9 Lack of pre-canned external communications responses Lack of preparedness regarding communications with the media and customer base
What is a Cybersecurity Program? • Essentially means preparation for a cybersecurity attack at the Board level • Goal: • To prevent data breaches, loss of business continuity, harm to public, etc. • From nation-states, hackers, organized criminals, insiders • Not an IT program – rather, development of risk management program based on level of risk with board oversight 1
The NIST Framework – Intent • Framework for Improving Critical Infrastructure Cybersecurity • Despite the name, applicable to any organization or business • A voluntary, risk-based approach to manage cybersecurity risk, in a cost-effective way, based on business needs • The framework is not law • There is no compliance requirement 1 It’s about MANAGING RISKS and making SOUND INVESTMENTS in cybersecurity efforts What do you do? How well do you do it? What do you need to do?
The NIST Framework – In Practice 1 Develop, adopt, or confirm your TARGET PROFILE Two key steps: 1. Determine WHICH subcategories are most important to you within your organizational context 2. Determine a desired Tier level for each of the important subcategories Assess your CURRENT PROFILE Determine or confirm your BUSINESS CONTEXT What constitutes your threat? Environment, legal and regulatory requirements; organizational objectives and constraints; and key services, service delivery and security goals Assess what Tier describes your practices in each of the key subcategories Perform a GAP ANALYSIS … between your Current and Target Profiles Select controls or practices for further investment, prioritize them, and develop a plan to implement Determine INVESTMENTS and an ACTION PLAN
Before the Security Incident/Breach • Step 1 – Identify “cyber czar” within your organization • Someone who can lead individuals from multiple groups • Should have oversight of your cyber security program and security incident response plan • Step 2 – Identify what laws, contractual requirements, and voluntary guidance and obligations apply to you • Laws depend on industry you are in and what information you actually obtain • Voluntary guidance includes industry standards and guidance • Voluntary obligations include website statements, obligations with third parties, employee handbooks 1
Complex Regulatory Framework Personal Information • FEDERAL • FTC Act • COPPA • CAN-SPAM • Red Flags Rule • Telemarketing Sales Rule • TCPA • ECPA • STATE • Breach Notification • Point of Sale Collection • State Consumer Protection • Security Obligations • COPPA-like 1 Health Information • FEDERAL • HIPAA • HITECH • Health Breach Notification Rule • GINA • STATE • HIPPA-like Financial Information • FEDERAL • GLB • FCRA • FACTA • STATE • GLB-like Employee Information • FEDERAL • ERISA • FMLA • Whistleblower Protection Act • STATE • Contract Law
Before the Security Incident/Breach • Step 3 – Identify your “crown jewels” of data • Department of Justice’s “Best Practices for Victim Response and Reporting of Cyber Incidents” (April 2015) (“DOJ Best Practices”) • Create matrix of what legal / contractual / voluntary obligations apply to that data • Step 4 – Create flexible action plan • Start with “worst case” scenario • Your IT director contacts you – all of the company’s data has been stolen and sensitive contractual / employee information on the Internet • “Mid-level” scenarios – Employee names and Social Security numbers stolen • “Mild” scenarios – Unauthorized viewing of information by internal employee, who remains employed and no prior issues 1
Before the Security Incident/Breach • Step 4 – continued • Identify response team – IT, legal, forensic investigators, communications, public relations, insurance, including external resources • Plan various methods to preserve evidence – protect attorney client privileged information • Develop related policies & procedures • Conduct a table top exercise • Step 5 – Have right technology in place • Back-up copies of information – where stored and how to access • Logging of security incidents 1
Before the Security Incident/Breach •Step 6 – Understand insurance policies • Events, data, and assets covered • Triggers • Exclusions • Evaluate new products now being offered • Determine how much insurance is needed • Determine if there is a panel and if you should hire separate counsel 1
Before the Security Incident/Breach • Step 7 – Identify vendors, what information they have • Many breaches caused by vendors • What assessment procedures are used to evaluate the risk of a vendor that has access? • Vendor Due Diligence Checklists • Audits • Review vendor contracts to evaluate specific data security/protection issues such as: • Notification obligations/Security Incident Response Plan • General security and data protection expectations • Risk assessment/audit information • Also, evaluate indemnification, limitation of liability, and insurance provisions 1
During the Security Incident/Breach •Step 1 – Initial Assessment • Notify your response team • Determine whether data been accessed and exfiltrated • Do you need to engage forensics consultants or do you have internal expertise? • Engage counsel to hire forensic consultants • Determine whether you need to notify your insurance carrier 1
During the Security Incident/Breach •Step 2 – Determine the facts • Identify the information that is compromised • Note the date and time of the discovery of the incident • Implement internal reporting and documentation process • Preserve evidence (backups, images, hard drives, etc.) as appropriate • Internal communications could be discoverable, so be careful what you say and how you say it 1
During the Security Incident/Breach •Step 3 – Contain the breach and mitigate harm, to the extent possible • Can you retrieve the lost/stolen device? • Can you "wipe" the data from the lost/stolen device or otherwise "mitigate" the situation? • Can you arrange for the return of the data (non-disclosure agreement/statement that it will not be further used)? • Can you "close" the open "door?" 1
During the Security Incident/Breach • Step 4 – Determine whether you have a reportable event • Verify whether the “security event” rises to level of a “breach” or “incident” under applicable law (which means you must know which laws are applicable to your company) • HIPAA breach • State data breach laws • Financial information • Other? • What voluntary obligations apply to you? • Contractual agreements • Employee handbooks • PCI compliance 1
During the Security Incident/Breach • Step 5 – Other issues to consider in connection with possible reporting obligations • Start with federal law (HIPAA, GLBA) • Consider voluntary notification to other state and federal agencies depending upon your industry • Also, Contractual Requirements (PCI, etc.) • Use Q&B 50-state data breach chart as starting point for state law 1
During the Security Incident/Breach • Step 5 – continued • Type of Data/Scope • Do Any Exceptions Apply? • Is There Risk of Harm? • Timing of Notification • Who Must be Notified? • Individual, Owner of Data, Media, Government, Others? • Form and Content of Notification • Documentation Requirements 1
Q&B 50 State Data Breach Chart 1
After the Security Incident/Breach • Step 1 – Notify required/affected partners • Affected persons • It takes time to find up-to-date addresses • Printing and mailing take lots of resources • Law enforcement • Government • Consumer Reporting Agencies • Media 1
After the Security Incident/Breach • Step 2 – Establish communications plan • Consider press releases • Should you establish a toll-free number for inquiries/call center? • "Upper level" team to respond to unique questions/customer inquiries? • How will media inquiries be addressed? 1
After the Security Incident/Breach • Step 3 – Hand-holding • Necessary follow-up with customers, employees, board members • Identity theft protection • Follow-up hand-holding 1
After the Security Incident/Breach • Step 4 – Learn from the situation • Identify weaknesses in current plans • Undertake Root Cause Analysis & Remediation • Reassess Security Incident Response Plan • Reassess privacy & security policies/procedures • Prepare for litigation/government investigation 1
Breach Costs • FTC enforcement • Specific industry agency enforcement • State Attorney General/other consumer protection agencies enforcement • Class action and other lawsuits • Data breach remediation and related costs • Reputational costs • Loss of competitive advantage/profits • Ransomware 1
Hot Topics with Damages • Breach notification costs • Credit monitoring/protection • Notification hotline/call center • Forensic costs • Identity theft resources 1
Emerging Trends in Litigation • Consumer class actions • Consumers v. Vendor • Generally unsuccessful • Derivative lawsuits • Shareholders v. Their Company • Stuck in the mud • Business-to-Business • Most successful • FTC oversight • FTC v. Vendor • Most cases settle –usually requires 20 years of administrative monitoring • Other government oversight • Depends 1
© 2017 Quarles & Brady LLP - This document provides information of a general nature. None of the information contained herein is intended as legal advice or opinion relative to specific matters, facts, situations or issues. Additional facts and information or future developments may affect the subjects addressed in this document. You should consult with a lawyer about your particular circumstances before acting on any of this information because it may not be applicable to you or your situation. Questions? 5 John Barlament Attorney, Partner John.Barlament@quarles.com (414) 277-5727 Quarles & Brady LLP 411 East Wisconsin Avenue Suite 2400 Milwaukee, Wisconsin 53202 www.quarles.com Quarles & Brady LLP 33 East Main Street Suite 900 Madison, Wisconsin 53703 Margaret Utterback Attorney, Partner Margaret.Utterback@quarles.com (608) 283-2443

Recommandé

How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRCharlie Pownall
 
Incident response
Incident responseIncident response
Incident responseAnshul Gupta
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Cybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and PracticeCybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and PracticeJulie Evans
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummiesIvo Depoorter
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 

Recommandé

How to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRHow to handle data breach incidents under GDPR
How to handle data breach incidents under GDPRCharlie Pownall
 
Incident response
Incident responseIncident response
Incident responseAnshul Gupta
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Cybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and PracticeCybersecurity - Strategy, Policy and Practice
Cybersecurity - Strategy, Policy and PracticeJulie Evans
 
Information security for dummies
Information security for dummiesInformation security for dummies
Information security for dummiesIvo Depoorter
 
Board and Cyber Security
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber SecurityLeon Fouche
 
Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementNada G.Youssef
 
Incident Response
Incident ResponseIncident Response
Incident ResponseMichaelRodriguesdosS1
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role HackerOne
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPRPriyab Satoshi
 
Cyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxCyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxChandanChandu928137
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxNargis Parveen
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 
Data protection
Data protectionData protection
Data protectionLewis Silkin
 
Information Security
Information SecurityInformation Security
Information SecurityDr. Himanshu Gupta
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
GDPR and Security.pdf
GDPR and Security.pdfGDPR and Security.pdf
GDPR and Security.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptxSanthosh Prabhu
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Information Security
Information SecurityInformation Security
Information SecurityDhilsath Fathima
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2TechSoup Canada
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...- Mark - Fullbright
 

Contenu connexe

Tendances

Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementNada G.Youssef
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role HackerOne
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxNargis Parveen
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptxSanthosh Prabhu
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...IT Governance Ltd
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesSlideTeam
 

Tendances (20)

Chapter 11: Information Security Incident Management
Chapter 11: Information Security Incident ManagementChapter 11: Information Security Incident Management
Chapter 11: Information Security Incident Management
 
Incident Response
Incident ResponseIncident Response
Incident Response
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
 
Cyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxCyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptx
 
Chapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptxChapter1 Cyber security Law & policy.pptx
Chapter1 Cyber security Law & policy.pptx
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
Data protection
Data protectionData protection
Data protection
 
Information Security
Information SecurityInformation Security
Information Security
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
GDPR and Security.pdf
GDPR and Security.pdfGDPR and Security.pdf
GDPR and Security.pdf
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptx
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 
Information Security
Information SecurityInformation Security
Information Security
 
Privacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program ImplementationPrivacy-ready Data Protection Program Implementation
Privacy-ready Data Protection Program Implementation
 
Cybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation SlidesCybersecurity Incident Management Powerpoint Presentation Slides
Cybersecurity Incident Management Powerpoint Presentation Slides
 

Similaire à Data Breach Response is a Team Sport

How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2TechSoup Canada
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...- Mark - Fullbright
 
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security ProsPrivacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security ProsNicholas Van Exan
 
Protecting Client Data 11.09.11
Protecting Client Data 11.09.11Protecting Client Data 11.09.11
Protecting Client Data 11.09.11pdewitte
 
Deconstructing Data Breach Cost
Deconstructing Data Breach CostDeconstructing Data Breach Cost
Deconstructing Data Breach CostResilient Systems
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyResilient Systems
 
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due DiligenceResilient Systems
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Paul C. Van Slyke
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales DeckEvan Francen
 
f6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdff6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdfSurendhar57
 
Working with Law Enforcement on Cyber Security Strategies
Working with Law Enforcement on Cyber Security StrategiesWorking with Law Enforcement on Cyber Security Strategies
Working with Law Enforcement on Cyber Security StrategiesMeg Weber
 
A Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data BreachA Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data BreachJim Brashear
 
Data protection: Steps Organisations can take to ensure compliance
Data protection: Steps Organisations can take to ensure complianceData protection: Steps Organisations can take to ensure compliance
Data protection: Steps Organisations can take to ensure complianceEquiGov Institute
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramFinancial Poise
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119David Doughty
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Data Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachData Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachFinancial Poise
 

Similaire à Data Breach Response is a Team Sport (20)

How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...
 
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security ProsPrivacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
Privacy & Pwnage: Privacy, Data Breaches and Lessons for Security Pros
 
Protecting Client Data 11.09.11
Protecting Client Data 11.09.11Protecting Client Data 11.09.11
Protecting Client Data 11.09.11
 
Deconstructing Data Breach Cost
Deconstructing Data Breach CostDeconstructing Data Breach Cost
Deconstructing Data Breach Cost
 
Co3 rsc r5
Co3 rsc r5Co3 rsc r5
Co3 rsc r5
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal Toolkit
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
 
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
Corporate Data Secruity Best Practices and Legal Compliance (00969538xBF97D)
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
FRSecure Sales Deck
FRSecure Sales DeckFRSecure Sales Deck
FRSecure Sales Deck
 
f6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdff6_cyber_security_and_your_agency.pdf
f6_cyber_security_and_your_agency.pdf
 
Working with Law Enforcement on Cyber Security Strategies
Working with Law Enforcement on Cyber Security StrategiesWorking with Law Enforcement on Cyber Security Strategies
Working with Law Enforcement on Cyber Security Strategies
 
A Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data BreachA Brave New World of Cyber Security and Data Breach
A Brave New World of Cyber Security and Data Breach
 
Data protection: Steps Organisations can take to ensure compliance
Data protection: Steps Organisations can take to ensure complianceData protection: Steps Organisations can take to ensure compliance
Data protection: Steps Organisations can take to ensure compliance
 
How to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security ProgramHow to Build and Implement your Company's Information Security Program
How to Build and Implement your Company's Information Security Program
 
David doughty presentation 181119
David doughty presentation 181119David doughty presentation 181119
David doughty presentation 181119
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
 
Data Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachData Breach Response: Before and After the Breach
Data Breach Response: Before and After the Breach
 

Plus de Quarles & Brady

Protecting Designs Without Design Patents
Protecting Designs Without Design PatentsProtecting Designs Without Design Patents
Protecting Designs Without Design PatentsQuarles & Brady
 
2020 Wisconsin Insurance Case Law Year in Review
2020 Wisconsin Insurance Case Law Year in Review2020 Wisconsin Insurance Case Law Year in Review
2020 Wisconsin Insurance Case Law Year in ReviewQuarles & Brady
 
Interest Rate Swaps for Borrower’s Counsel
Interest Rate Swaps for Borrower’s CounselInterest Rate Swaps for Borrower’s Counsel
Interest Rate Swaps for Borrower’s CounselQuarles & Brady
 
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...Quarles & Brady
 
Key Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionKey Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionQuarles & Brady
 
Key Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionKey Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionQuarles & Brady
 
Emerging Trends in Commercial Mortgage Lending During COVID-19
Emerging Trends in Commercial Mortgage Lending During COVID-19Emerging Trends in Commercial Mortgage Lending During COVID-19
Emerging Trends in Commercial Mortgage Lending During COVID-19Quarles & Brady
 
Action Steps for Your Employee Benefits Plan During the Coronavirus Pandemic
Action Steps for Your Employee Benefits Plan During the Coronavirus PandemicAction Steps for Your Employee Benefits Plan During the Coronavirus Pandemic
Action Steps for Your Employee Benefits Plan During the Coronavirus PandemicQuarles & Brady
 
Coronavirus & COVID-19 Update
Coronavirus & COVID-19 UpdateCoronavirus & COVID-19 Update
Coronavirus & COVID-19 UpdateQuarles & Brady
 
The Tampa Office Celebrates 10 Years!
The Tampa Office Celebrates 10 Years!The Tampa Office Celebrates 10 Years!
The Tampa Office Celebrates 10 Years!Quarles & Brady
 
Guidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicGuidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicQuarles & Brady
 
Guidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicGuidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicQuarles & Brady
 
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...Quarles & Brady
 
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...Quarles & Brady
 
Medical Staff Structure And Bylaws: Current Trends And Best Practices
Medical Staff Structure And Bylaws: Current Trends And Best PracticesMedical Staff Structure And Bylaws: Current Trends And Best Practices
Medical Staff Structure And Bylaws: Current Trends And Best PracticesQuarles & Brady
 
Current Cases: Medical Staff Nightmares And Fairy Tales
Current Cases: Medical Staff Nightmares And Fairy TalesCurrent Cases: Medical Staff Nightmares And Fairy Tales
Current Cases: Medical Staff Nightmares And Fairy TalesQuarles & Brady
 
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...Quarles & Brady
 
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!Physician Employment and Medical Staff Matters - Fun Times For HR Directors!
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!Quarles & Brady
 
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...Quarles & Brady
 
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...Quarles & Brady
 

Plus de Quarles & Brady (20)

Protecting Designs Without Design Patents
Protecting Designs Without Design PatentsProtecting Designs Without Design Patents
Protecting Designs Without Design Patents
 
2020 Wisconsin Insurance Case Law Year in Review
2020 Wisconsin Insurance Case Law Year in Review2020 Wisconsin Insurance Case Law Year in Review
2020 Wisconsin Insurance Case Law Year in Review
 
Interest Rate Swaps for Borrower’s Counsel
Interest Rate Swaps for Borrower’s CounselInterest Rate Swaps for Borrower’s Counsel
Interest Rate Swaps for Borrower’s Counsel
 
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...
2016 Year in Review: Recent Midwest Legal Decisions Impacting Real Estate and...
 
Key Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionKey Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a Recession
 
Key Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a RecessionKey Bankruptcy Considerations Heading into a Recession
Key Bankruptcy Considerations Heading into a Recession
 
Emerging Trends in Commercial Mortgage Lending During COVID-19
Emerging Trends in Commercial Mortgage Lending During COVID-19Emerging Trends in Commercial Mortgage Lending During COVID-19
Emerging Trends in Commercial Mortgage Lending During COVID-19
 
Action Steps for Your Employee Benefits Plan During the Coronavirus Pandemic
Action Steps for Your Employee Benefits Plan During the Coronavirus PandemicAction Steps for Your Employee Benefits Plan During the Coronavirus Pandemic
Action Steps for Your Employee Benefits Plan During the Coronavirus Pandemic
 
Coronavirus & COVID-19 Update
Coronavirus & COVID-19 UpdateCoronavirus & COVID-19 Update
Coronavirus & COVID-19 Update
 
The Tampa Office Celebrates 10 Years!
The Tampa Office Celebrates 10 Years!The Tampa Office Celebrates 10 Years!
The Tampa Office Celebrates 10 Years!
 
Guidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicGuidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 Pandemic
 
Guidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 PandemicGuidance for Employers During the Evolving COVID-19 Pandemic
Guidance for Employers During the Evolving COVID-19 Pandemic
 
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...
Business Law Training: Market Turmoil in D&O Insurance and Is Your Company Pr...
 
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...
A Practical Roadmap For Navigating Medical Staff Legal Nightmares In Current ...
 
Medical Staff Structure And Bylaws: Current Trends And Best Practices
Medical Staff Structure And Bylaws: Current Trends And Best PracticesMedical Staff Structure And Bylaws: Current Trends And Best Practices
Medical Staff Structure And Bylaws: Current Trends And Best Practices
 
Current Cases: Medical Staff Nightmares And Fairy Tales
Current Cases: Medical Staff Nightmares And Fairy TalesCurrent Cases: Medical Staff Nightmares And Fairy Tales
Current Cases: Medical Staff Nightmares And Fairy Tales
 
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...
Employment and Telemedicine Arrangements Between Hospitals and Practitioners:...
 
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!Physician Employment and Medical Staff Matters - Fun Times For HR Directors!
Physician Employment and Medical Staff Matters - Fun Times For HR Directors!
 
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...
Understand the SECURE Act, the Repeal of the “Cadillac Tax” and Other Health ...
 
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...
Business Law Training: What’s Around the Corner? Eight Things We’re Watching ...
 

Dernier

Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategyJong Hyuk Choi
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhaiShashankKumar441258
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxRRR Chambers
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理bd2c5966a56d
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxRRR Chambers
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...PsychicRuben LoveSpells
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxSHIVAMGUPTA671167
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfKelechi48
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理Airst S
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理Airst S
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubham Wadhonkar
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理Airst S
 
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxPresentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxRRR Chambers
 
Police Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringPolice Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringSteering Law
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersJillianAsdala
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdfSUSHMITAPOTHAL
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forRoger Valdez
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...Finlaw Associates
 
一比一原版赫瑞瓦特大学毕业证如何办理
一比一原版赫瑞瓦特大学毕业证如何办理一比一原版赫瑞瓦特大学毕业证如何办理
一比一原版赫瑞瓦特大学毕业证如何办理Airst S
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.tanughoshal0
 

Dernier (20)

Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
 
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
一比一原版(UC毕业证书)堪培拉大学毕业证如何办理
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
$ Love Spells^ 💎 (310) 882-6330 in Utah, UT | Psychic Reading Best Black Magi...
 
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptxMunicipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
Municipal-Council-Ratlam-vs-Vardi-Chand-A-Landmark-Writ-Case.pptx
 
Relationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdfRelationship Between International Law and Municipal Law MIR.pdf
Relationship Between International Law and Municipal Law MIR.pdf
 
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
 
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
一比一原版(ECU毕业证书)埃迪斯科文大学毕业证如何办理
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
 
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptxPresentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
Presentation on Corporate SOCIAL RESPONSIBILITY- PPT.pptx
 
Police Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. SteeringPolice Misconduct Lawyers - Law Office of Jerry L. Steering
Police Misconduct Lawyers - Law Office of Jerry L. Steering
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf589308994-interpretation-of-statutes-notes-law-college.pdf
589308994-interpretation-of-statutes-notes-law-college.pdf
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo for
 
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
 
一比一原版赫瑞瓦特大学毕业证如何办理
一比一原版赫瑞瓦特大学毕业证如何办理一比一原版赫瑞瓦特大学毕业证如何办理
一比一原版赫瑞瓦特大学毕业证如何办理
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.
 

Data Breach Response is a Team Sport

  • 1. Data Breach Response is a Team Sport John Barlament Margaret Utterback
  • 2. Topics for Today •Background on cyber attacks and cybersecurity programs •Steps to take when handling a data event, incident, or breach • Before • During • After •Potential liability and costs 1
  • 3. Cyber Attacks on the Rise! 1
  • 4. Cyber Risk Reality "[T]here are only two types of companies: Those that have been hacked and those that will be. And even they are converging into one category: Companies that have been hacked and will be hacked again." •Robert Mueller, Former director of the FBI, at 2012 RSA Cyber Security Conference 1
  • 5. Why Should You Prepare? • Every breach is unique • Facts are constantly changing • Investigations are complex • High stakes • Intense pressure • Many stakeholders with different interests and notification requirements • Team fatigue, frustration, defensiveness, denial, etc. • An investigation might not ultimately yield definitive results • Breaches distract a company from its business goals during and after the investigation 1
  • 6. 1 - Ponemon Institute Research Report (2015)
  • 7. Cyber Incident Pain Points 1 Pain Points Description 1 No established cross-functional incident “commander” to coordinate response A point of contact with the authority to direct incident response across Business Lines has yet to be identified and agreed upon by all parties 2 No cross-organizational considerations or buy-in on incident response plan Absence of an over arching company incident response plan that can be implemented to coordinate corporate and business unit actions 3 No established data classification to guide response activities and determine severity Severity levels regarding key data is undefined. No designation of “Crown Jewels.” 4 Missing processes or “use cases” for responding to high impact scenarios No checklists or considerations / memory jogger resources established for incident management and response; no considerations of “high risk” scenarios 5 Cross-functional response procedures, including contact lists, are unavailable Missing procedures for internal coordination and information sharing across business and geographic areas in order to correlate security incidents; No established/updated contact lists for who to contact during high risk scenarios. 6 Unknown business impact Inability to determine impact from the lens of financial, information, legal, and public perception 7 Undefined event, incident and breach terms Lack of categorization of incidents regarding severity or type 8 No detailed event, incident and breach thresholds Incident response kickoff criteria regarding level of event/incident/breach lacks proper definition (Example: Data breach affecting 1 million or more customers) 9 Lack of pre-canned external communications responses Lack of preparedness regarding communications with the media and customer base
  • 8. What is a Cybersecurity Program? • Essentially means preparation for a cybersecurity attack at the Board level • Goal: • To prevent data breaches, loss of business continuity, harm to public, etc. • From nation-states, hackers, organized criminals, insiders • Not an IT program – rather, development of risk management program based on level of risk with board oversight 1
  • 9. The NIST Framework – Intent • Framework for Improving Critical Infrastructure Cybersecurity • Despite the name, applicable to any organization or business • A voluntary, risk-based approach to manage cybersecurity risk, in a cost-effective way, based on business needs • The framework is not law • There is no compliance requirement 1 It’s about MANAGING RISKS and making SOUND INVESTMENTS in cybersecurity efforts What do you do? How well do you do it? What do you need to do?
  • 10. The NIST Framework – In Practice 1 Develop, adopt, or confirm your TARGET PROFILE Two key steps: 1. Determine WHICH subcategories are most important to you within your organizational context 2. Determine a desired Tier level for each of the important subcategories Assess your CURRENT PROFILE Determine or confirm your BUSINESS CONTEXT What constitutes your threat? Environment, legal and regulatory requirements; organizational objectives and constraints; and key services, service delivery and security goals Assess what Tier describes your practices in each of the key subcategories Perform a GAP ANALYSIS … between your Current and Target Profiles Select controls or practices for further investment, prioritize them, and develop a plan to implement Determine INVESTMENTS and an ACTION PLAN
  • 11. Before the Security Incident/Breach • Step 1 – Identify “cyber czar” within your organization • Someone who can lead individuals from multiple groups • Should have oversight of your cyber security program and security incident response plan • Step 2 – Identify what laws, contractual requirements, and voluntary guidance and obligations apply to you • Laws depend on industry you are in and what information you actually obtain • Voluntary guidance includes industry standards and guidance • Voluntary obligations include website statements, obligations with third parties, employee handbooks 1
  • 12. Complex Regulatory Framework Personal Information • FEDERAL • FTC Act • COPPA • CAN-SPAM • Red Flags Rule • Telemarketing Sales Rule • TCPA • ECPA • STATE • Breach Notification • Point of Sale Collection • State Consumer Protection • Security Obligations • COPPA-like 1 Health Information • FEDERAL • HIPAA • HITECH • Health Breach Notification Rule • GINA • STATE • HIPPA-like Financial Information • FEDERAL • GLB • FCRA • FACTA • STATE • GLB-like Employee Information • FEDERAL • ERISA • FMLA • Whistleblower Protection Act • STATE • Contract Law
  • 13. Before the Security Incident/Breach • Step 3 – Identify your “crown jewels” of data • Department of Justice’s “Best Practices for Victim Response and Reporting of Cyber Incidents” (April 2015) (“DOJ Best Practices”) • Create matrix of what legal / contractual / voluntary obligations apply to that data • Step 4 – Create flexible action plan • Start with “worst case” scenario • Your IT director contacts you – all of the company’s data has been stolen and sensitive contractual / employee information on the Internet • “Mid-level” scenarios – Employee names and Social Security numbers stolen • “Mild” scenarios – Unauthorized viewing of information by internal employee, who remains employed and no prior issues 1
  • 14. Before the Security Incident/Breach • Step 4 – continued • Identify response team – IT, legal, forensic investigators, communications, public relations, insurance, including external resources • Plan various methods to preserve evidence – protect attorney client privileged information • Develop related policies & procedures • Conduct a table top exercise • Step 5 – Have right technology in place • Back-up copies of information – where stored and how to access • Logging of security incidents 1
  • 15. Before the Security Incident/Breach •Step 6 – Understand insurance policies • Events, data, and assets covered • Triggers • Exclusions • Evaluate new products now being offered • Determine how much insurance is needed • Determine if there is a panel and if you should hire separate counsel 1
  • 16. Before the Security Incident/Breach • Step 7 – Identify vendors, what information they have • Many breaches caused by vendors • What assessment procedures are used to evaluate the risk of a vendor that has access? • Vendor Due Diligence Checklists • Audits • Review vendor contracts to evaluate specific data security/protection issues such as: • Notification obligations/Security Incident Response Plan • General security and data protection expectations • Risk assessment/audit information • Also, evaluate indemnification, limitation of liability, and insurance provisions 1
  • 17. During the Security Incident/Breach •Step 1 – Initial Assessment • Notify your response team • Determine whether data been accessed and exfiltrated • Do you need to engage forensics consultants or do you have internal expertise? • Engage counsel to hire forensic consultants • Determine whether you need to notify your insurance carrier 1
  • 18. During the Security Incident/Breach •Step 2 – Determine the facts • Identify the information that is compromised • Note the date and time of the discovery of the incident • Implement internal reporting and documentation process • Preserve evidence (backups, images, hard drives, etc.) as appropriate • Internal communications could be discoverable, so be careful what you say and how you say it 1
  • 19. During the Security Incident/Breach •Step 3 – Contain the breach and mitigate harm, to the extent possible • Can you retrieve the lost/stolen device? • Can you "wipe" the data from the lost/stolen device or otherwise "mitigate" the situation? • Can you arrange for the return of the data (non-disclosure agreement/statement that it will not be further used)? • Can you "close" the open "door?" 1
  • 20. During the Security Incident/Breach • Step 4 – Determine whether you have a reportable event • Verify whether the “security event” rises to level of a “breach” or “incident” under applicable law (which means you must know which laws are applicable to your company) • HIPAA breach • State data breach laws • Financial information • Other? • What voluntary obligations apply to you? • Contractual agreements • Employee handbooks • PCI compliance 1
  • 21. During the Security Incident/Breach • Step 5 – Other issues to consider in connection with possible reporting obligations • Start with federal law (HIPAA, GLBA) • Consider voluntary notification to other state and federal agencies depending upon your industry • Also, Contractual Requirements (PCI, etc.) • Use Q&B 50-state data breach chart as starting point for state law 1
  • 22. During the Security Incident/Breach • Step 5 – continued • Type of Data/Scope • Do Any Exceptions Apply? • Is There Risk of Harm? • Timing of Notification • Who Must be Notified? • Individual, Owner of Data, Media, Government, Others? • Form and Content of Notification • Documentation Requirements 1
  • 23. Q&B 50 State Data Breach Chart 1
  • 24. After the Security Incident/Breach • Step 1 – Notify required/affected partners • Affected persons • It takes time to find up-to-date addresses • Printing and mailing take lots of resources • Law enforcement • Government • Consumer Reporting Agencies • Media 1
  • 25. After the Security Incident/Breach • Step 2 – Establish communications plan • Consider press releases • Should you establish a toll-free number for inquiries/call center? • "Upper level" team to respond to unique questions/customer inquiries? • How will media inquiries be addressed? 1
  • 26. After the Security Incident/Breach • Step 3 – Hand-holding • Necessary follow-up with customers, employees, board members • Identity theft protection • Follow-up hand-holding 1
  • 27. After the Security Incident/Breach • Step 4 – Learn from the situation • Identify weaknesses in current plans • Undertake Root Cause Analysis & Remediation • Reassess Security Incident Response Plan • Reassess privacy & security policies/procedures • Prepare for litigation/government investigation 1
  • 28. Breach Costs • FTC enforcement • Specific industry agency enforcement • State Attorney General/other consumer protection agencies enforcement • Class action and other lawsuits • Data breach remediation and related costs • Reputational costs • Loss of competitive advantage/profits • Ransomware 1
  • 29. Hot Topics with Damages • Breach notification costs • Credit monitoring/protection • Notification hotline/call center • Forensic costs • Identity theft resources 1
  • 30. Emerging Trends in Litigation • Consumer class actions • Consumers v. Vendor • Generally unsuccessful • Derivative lawsuits • Shareholders v. Their Company • Stuck in the mud • Business-to-Business • Most successful • FTC oversight • FTC v. Vendor • Most cases settle –usually requires 20 years of administrative monitoring • Other government oversight • Depends 1
  • 31. © 2017 Quarles & Brady LLP - This document provides information of a general nature. None of the information contained herein is intended as legal advice or opinion relative to specific matters, facts, situations or issues. Additional facts and information or future developments may affect the subjects addressed in this document. You should consult with a lawyer about your particular circumstances before acting on any of this information because it may not be applicable to you or your situation. Questions? 5 John Barlament Attorney, Partner John.Barlament@quarles.com (414) 277-5727 Quarles & Brady LLP 411 East Wisconsin Avenue Suite 2400 Milwaukee, Wisconsin 53202 www.quarles.com Quarles & Brady LLP 33 East Main Street Suite 900 Madison, Wisconsin 53703 Margaret Utterback Attorney, Partner Margaret.Utterback@quarles.com (608) 283-2443