Companies must make a myriad of decisions in the first 48 hours after a breach that will impact the rest of the breach investigation. At the recent Georgetown Cybersecurity Law Institute, a panel of outside and in-house counsel and a forensic investigator shared their advice about breach response, including a “quick start” guide, the common mistakes they see companies make during the initial response, what outside counsel will ask when they are contacted about a breach, what to look for (and what to beware of) when choosing a forensic team, how to preserve privilege throughout the investigation, and how to know when to stop looking for the hacker. See also “A Guide to Developing and Implementing a Successful Cyber Incident Response Plan: From Data Mapping to Evaluation”: Part One (Apr. 27, 2016), Part Two (May 11, 2016), Part Three (May 26, 2016).
Jun. 22, 2016
-
TOPICS
-
ENTITIES
-
PEOPLE
How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach
- Kathryn PicansoCybersecurity Law Report
To read the full article
Continue reading your article with a CSLR subscription.
Most-Read Articles
-
Jun. 10, 2026
Colorado and Connecticut AI Laws: Mapping Scope and Core Provisions -
Jun. 10, 2026
Checklist for Contracting With AI Vendors to Mitigate Risks -
Mar. 25, 2026
AI Agent Security: What CISOs and GCs Need to Know to Defend the Enterprise -
Jun. 17, 2026
Colorado and Connecticut AI Laws: Preparing to Comply -
Jun. 3, 2026
Joint Guidance on AI Agent Security Carves a Path to International Standards