The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Forensic Firms

  • From Vol. 3 No.9 (May 3, 2017)

    Investigative Realities: Working Effectively With Forensic Firms (Part One of Two)

    Lawyers and computer forensic investigators have significantly different skills and perspectives, both of which are essential during cybersecurity incident response. The differences, however, can create friction and even conflict in setting priorities, communicating effectively and interpreting findings. In a two-part guest article series, Stephen Surdu, a senior advisor at Covington, and Jennifer Martin, of counsel at Covington, provide legal counsel with a better understanding of the focus of the forensic team in incident response, the various factors and evidentiary realities that may affect how an investigation is performed, and why response teams cannot always reach definitive conclusions. This first installment addresses investigative realities and how attorneys and forensic investigators can gain an understanding of each other’s perspectives and preemptively discuss any potential issues to be in the best position to address them efficiently during an incident and to provide the greatest value to their clients. See also our three-part series on forensic firms: “Understanding and Leveraging Their Expertise From the Start” (Feb. 22, 2017); “Key Contract Considerations and Terms” (Mar. 8, 2017); and “Effective Vetting and Collaboration” (Mar. 22, 2017).

    Read Full Article …
  • From Vol. 3 No.6 (Mar. 22, 2017)

    Forensic Firms: Effective Vetting and Collaboration (Part Three of Three)

    Because a forensic investigation by a security firm often drives the critical path of incident response, companies are best positioned to respond quickly and effectively to potential incidents by identifying and onboarding a security firm before an incident arises. With a myriad of firms from which to choose, not only must a company carefully select the right one, but both sides must communicate effectively to build a trusting relationship. With advice from in-house and outside cybersecurity counsel as well as forensic and security experts, our three-part article series on forensic firms addresses these and other considerations. This third installment provides advice on evaluating the forensic firm to determine if it has the right expertise and how to communicate and collaborate with these experts once they are brought on board. Part two examined contract considerations, key terms and what companies should expect in deliverables. Part one explained the expertise of forensic firms, why they are used, and their role before and after an incident. See also “Key Strategies to Manage the First 72 Hours Following an Incident“ (Feb. 8, 2017).

    Read Full Article …
  • From Vol. 3 No.5 (Mar. 8, 2017)

    Forensic Firms: Key Contract Considerations and Terms (Part Two of Three)

    Companies are increasingly turning to outside forensic firms for assistance with both proactive cybersecurity measures as well as incident response. To optimize the relationship, companies must carefully choose a firm, negotiate the right contract terms, and effectively collaborate with the chosen forensic service provider. With advice from in-house and outside cybersecurity counsel as well as forensic and security experts, our three-part article series on forensic firms addresses these considerations. This second part examines contract considerations, key terms and what companies should expect in deliverables. Part one explained the expertise of forensic firms, why they are used, and their role before and after an incident. Part three will provide advice on evaluating the forensic firm to determine if it has the right expertise and how to communicate and collaborate with these experts once they are brought on board. See also “Key Strategies to Manage the First 72 Hours Following an Incident” (Feb. 8, 2017).

    Read Full Article …
  • From Vol. 3 No.4 (Feb. 22, 2017)

    Forensic Firms: Understanding and Leveraging Their Expertise From the Start (Part One of Three)

    After a company discovers a cybersecurity incident, it must understand exactly what happened and how it happened. That means bringing in the experts. The number of forensic firms from which companies can choose has grown along with the number and size of cyber breaches. How can companies evaluate the firms? What should be included in the contract? What should companies expect from these firms? How can they best collaborate with them for an effective and efficient investigation? With input from in-house and outside cybersecurity counsel as well as forensic and security experts, our three-part article series provides answers to these vital questions and others. This first part explains the expertise of forensic firms, why they are used, and their role before and after an incident. Part two will examine contract considerations, key terms and what companies can and should expect in deliverables. Part three will provide advice on how to evaluate the forensic firm to determine if it has the right expertise and how to communicate and work with these experts once they are brought on board. See also “Key Strategies to Manage the First 72 Hours Following an Incident” (Feb. 8, 2017).

    Read Full Article …