There is No "Breach" Until Your Lawyer Says There Is


Nolan Goldberg (Senior Counsel, Proskauer)

Location: Grand Ballroom E

Date: Thursday, May 3

Time: 2:00pm - 2:50pm

Pass Type: All Access, Conference

Format: Conference Session

Track: Security

Conference Journey: Business Leader

Audience: All

Vault Recording: TBD

Audience Level: All

Incident response is a high stakes and high pressure event for any organization, no matter how sophisticated. And should it be determined that a network intrusion resulted in an actual "data breach," the stakes only get higher. Matters are complicated enough when the intrusion involves your network and your data. But what happens when the network that is infiltrated is that of a vendor hosting your companies' confidential data or the confidential data of your customers? Or if an intrusion onto your companies' network exposes confidential data that your company is hosting pursuant to a contract for a third party? Of course rapid detection, containment and remediation must be a priority in all such circumstances – but how should your organization structure its activities to avoid generating documents that can be used down the road by an adversary seeking to profit of your companies misfortune? And how do you tell if there is an actual data breach? (Hint – the answer varies state by state and, in some cases, regulator by regulator).

This session will cover:

  • Understanding the basic process of working on an incident response with counsel;
  • A description of the current legal environment, including some of the obligations and legal risks to companies that have suffered a cyber incident;
  • How to structure a privileged incident response to provide an organization with maximum protection against future discovery by litigants, while at the same time, meeting an organization's legal, contractual and regulatory obligations; and
  • A discussion of the special considerations (pre and post breach) of organization's who host data or whose data is hosted.

Presentation File