How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach

Companies must make a myriad of decisions in the first 48 hours after a breach that will impact the rest of the breach investigation. At the recent Georgetown Cybersecurity Law Institute, a panel of outside and in-house counsel and a forensic investigator shared their advice about breach response, including a “quick start” guide, the common mistakes they see companies make during the initial response, what outside counsel will ask when they are contacted about a breach, what to look for (and what to beware of) when choosing a forensic team, how to preserve privilege throughout the investigation, and how to know when to stop looking for the hacker. See also “A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation”: Part One (Apr. 27, 2016), Part Two (May 11, 2016), Part Three (May 26, 2016).

To read the full article

Continue reading your article with a CSLR subscription.