Presentation to Canadian in-house counsel on data breach response and crisis communications. Dan Michaluk and Ian Dick of Hicks Morley and Karen Gordon of Squeaky Wheel Communications.
The document provides 10 tips for managing a data security incident from a breach practitioner. The tips are to initiate response immediately, don't make assumptions but find facts, keep investigating and progressing the response, don't rush public statements but strive for 90% confidence, obtain objective external input, get technical forensic help if needed, take a broad view of notification, consider the perspective of affected individuals, demonstrate commitment to improvements, and issue an apology from a senior spokesperson.
This is a presentation I delivered to lawyers attending the Alberta Law Conference. It was very conceptual in nature, focusing on some of the broader forces affecting employers and employees. The two topics of substance are "information governance" and social media misuse.
This document summarizes recent legal developments regarding privacy risks, incidents, and liability in Canada. It discusses amendments to PIPEDA and PHIPA that expand requirements for breach notification. It also notes a court case, Hopkins v Kay, that suggests actual harm is not required for privacy claims. Additionally, it covers two class action cases, Evans and Condon, that were certified regarding data breaches. The certification in Condon was notable as it allowed for intentional intrusion claims over lost data where no harm was proven.
This document discusses data and cyber security risks and best practices for protection and response. It notes several high-profile data breaches from 2012-2015 involving lost hard drives containing personal information, unauthorized access to medical records, a medical marijuana mailing error, and a payment card theft. It examines potential legal issues for organizations when data is lost or accessed without authorization. The document also outlines an incident response process and best practices for timing, analysis, and communication in response to a data security incident.
The internet as a corporate security resource, by Dan Michaluk
One-hour presentation to in-house lawyers at a federally regulated employer. Analysis is based on Canadian federal privacy legislation (PIPEDA) and the Ontario Rules of Professional Conduct.
Social media – issues and trends caus 2014, by Dan Michaluk
This document summarizes key issues around social media and student expression from a presentation given on September 19, 2014. It discusses how university policies address student expression online and the different interests universities seek to protect. It also covers best practices for gathering social media evidence and other trends to watch, such as the proliferation of university social media accounts. Case law citations are provided that relate to universities' ability to regulate off-campus student expression and their jurisdiction over reputational interests.
Corporate Data Security Best Practices and Legal Compliance (00969538xBF97D), by Paul C. Van Slyke
This document discusses best practices for corporate data security and legal compliance. It begins with an overview of common data breaches in 2014 and the industries most affected. It then outlines best practice protocols from organizations like NIST, recommendations for rapid detection of breaches, and top priority steps to take before an attack like identifying critical data and having backup plans. The document also discusses major data security and privacy laws, creating an incident response team, and proper steps to take when responding to a breach, including notification requirements. The goal is to help companies properly secure data and respond effectively in the event of a security incident.
Advantage ppt data breaches km approved - final (djm notes), by Dan Michaluk
This document discusses how to properly respond to data breaches. It emphasizes the importance of having a formal, written incident response plan in place due to how time-sensitive breaches are and how organizations can behave unpredictably in a crisis. The plan should include roles and processes for identification, escalation, assessment, containment, investigation, and managing liability. It also recommends retaining IT forensics and legal experts in advance. Practicing the plan through fire drills can help identify flaws and improve response skills. When notifying individuals of a breach, organizations should explain what happened, containment steps, and provide contact information for support.
Cyber security for the regulator and regulated - Ontario Regulatory Authorit..., by Dan Michaluk
This document summarizes a presentation on cyber security for regulators and regulated organizations. It outlines the significant ransomware threat, with attacks and ransom payments increasing substantially. It describes common inside and outside security threats organizations face from issues like errant emails, loss of devices, and malware. The presentation emphasizes the importance of having a comprehensive cyber security program with clear roles and accountability, ongoing risk assessment, and adherence to policies. It also stresses the value of having an incident response plan in place in case of a security breach, and outlines best practices for responding to ransomware attacks.
Gdpr demystified - making sense of the regulation, by James Mulhern
Slightly outdated introduction to GDPR that tries to move away from the headlines on fines and emphasises the global nature of the regulation, the numerous forms of lawful processing and the absolute need to manage privacy and be transparent. Goes on to show how using public cloud can help solve part of the problem.
Cyber Incident Response - When it happens, will you be ready?, by Dan Michaluk
Campbell from IT called the presenter on a Saturday to report that key servers at their organization, including the email and file servers, were inaccessible. A cryptic note was left demanding payment to regain access, indicating a potential ransomware attack. The presenter is advised to have Campbell contain the incident by disconnecting from the internet, not make any payments, and call in expert help from lawyers and incident response specialists to properly investigate and mitigate the risks. The presentation then outlines the typical incident response process and provides tips on internal communication, notifying affected individuals, and having an incident response plan in place ahead of time.
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2, by TechSoup Canada
Part 1 of this webinar series provided an overview of cybersecurity and explained the cyber risks and legislation affecting nonprofits. In part 2 of the series, Imran Ahmad of Miller Thomson, LLP returns to answer your questions on cybersecurity and to delve deeper into cybersecurity maintenance and best practices to avoid data breaches. This ranges from the implementation of measures to prevent data breaches in the pre-attack phase to the implementation of security best practices in the event of a cyber attack or breach.
What you will learn:
· How to develop key cybersecurity-related documents;
· How to maintain an internal matrix of when to notify affected individuals;
· How to review contracts from a cybersecurity compliance perspective.
1) Organizations should plan their breach response before a breach occurs to address legal, business, and technology differences.
2) An effective breach response plan should define what constitutes a breach, determine who has authority to declare one, and outline the response process.
3) The plan should address legal notification requirements, forensic investigation procedures, data governance policies, and relationship building with law enforcement.
What is Information Security and why you should care ..., by James Mulhern
An interactive introduction to Information Security and Cyber Security for BTEC students studying IT at Swindon College in the UK. The session illustrates the breadth and diversity of the subject and the opportunities it can offer, and shows that things might not always be as they seem and that the impacts can be far more far-reaching than at first imagined.
One-hour presentation to an IT security and law enforcement audience on how access to information legislation and related pressures affect public bodies in Canada.
How your nonprofit can avoid data breaches and ensure privacy, by TechSoup Canada
Increasingly, nonprofits hold large quantities of digital assets (such as donor information, grant application details, financial records, etc.). Organizations of all sizes and industries are being targeted by cyber criminals. Cyber-attacks will often devastate an organization’s operations and have significant financial, legal and reputational consequences.
In this webinar, Imran Ahmad of Miller Thomson, LLP will explain how implementing best practices from a pre-breach standpoint can go a long way to mitigate the negative consequences of a cyber-attack.
What you will learn:
- what the cyber threat landscape looks like
- how to ensure privacy of your digital assets
- steps to take in the aftermath of a cyber-attack
The document provides information about the Certified Information Systems Security Professional (CISSP) certification. It discusses how the CISSP certification demonstrates that individuals have the necessary skills and experience to build and manage security for organizations. It also outlines the requirements to obtain the CISSP certification, including having 5 years of relevant work experience in 2 or more security domains or 4 years with a degree, passing the exam, completing the endorsement process, and maintaining the certification through ongoing training requirements.
Sam looked at some cases of data breaches and hacks and explained the importance of planning, cyber hygiene and recovery plans.
This slideshare was originally presented at the East Midlands Cyber Security Forum's Autumn event on 19th October 2017 at University of Nottingham.
https://emcsf.org.uk/
The document discusses PIPEDA, Canada's private sector privacy law, and the importance of having an Incident Response Plan (IRP) to respond to data breaches. It provides an overview of PIPEDA's 10 fair information principles and requirements regarding data breaches. It emphasizes that an IRP outlines the steps to detect, respond to, and reduce the risk of future incidents. It also stresses engaging legal counsel to maintain privilege and avoid liability when developing, implementing, and responding to breaches according to the IRP.
Andrew Ford, VP of Sales and Marketing at Next Dimension, discusses how to leverage your IT services partner to build a successful cyber security (and overall business) strategy roadmap.
This document summarizes a presentation on cybersecurity risk governance. It discusses the high degree of risk boards face from cyber attacks, noting a large increase in ransomware attacks and payments in 2020. The ransomware threat is very high. Public sectors are primary targets due to weaker defenses from budget pressures. Cyber attacks can cause privacy failures, reputational problems, high response costs, and civil liability. The presentation then provides an overview of key cybersecurity concepts for boards like asset management, defense in depth, and the NIST Cybersecurity Framework. It examines how boards can provide oversight in each framework area such as identifying critical data and access controls for protecting information.
Today's security and privacy professionals know that breaches are a fact of life. Yet their organizations are often not prepared to respond when the time comes. They're "overweight" on prevention and detection, but "underweight" on response.
Based on a decade-plus caseload of actual breach investigations across a range of different organizations, this webinar will examine an amalgamated, anonymized breach situation and review a play-by-play of how the response went: the good, the bad, and the ugly. Attendees will gain hard-earned, battle-tested insight on what to do, and what to avoid, when it's their turn to respond to an incident.
Our featured speakers for this timely webinar will be:
- Don Ulsch, CEO, ZeroPoint Risk. Distinguished Fellow at the Ponemon Institute.
- Joseph DeSalvo, Managing Director, ZeroPoint Risk. Former CSO at Mylan and Iron Mountain.
- Ted Julian, Chief Marketing Officer, Co3 Systems. Serial security and compliance entrepreneur.
Data Breach Response: Before and After the Breach, by Financial Poise
You’ve received the dreaded call that your company has just suffered a data breach – what do you do next? Who do you call for help? What notification obligations do you have?
With proper preparation, you can mitigate the damage caused by this unfortunate event and put your business in a position to recover. Your company may have already implemented its information security program and identified the responsible parties, including applicable outside experts, to be contacted in the event of a breach. However, now you must call up your incident response team to investigate the extent of the breach, evaluate the possible damage to your company, and determine whether you must notify your clients, customers, or the public of the breach. This webinar will help prepare you to take action when the worst happens.
Part of the webinar series: Cybersecurity & Data Privacy 2021
See more at https://www.financialpoise.com/webinars/
Privacy, Data Security and Anti-Spam Compliance, by Dan Michaluk
This document discusses privacy, data security, and anti-spam compliance. It covers privacy legislation in Canada including PIPEDA, and outlines new provisions regarding applicants for employment and sharing personal information to investigate breaches of law. Regarding data security, it discusses regulatory frameworks and standards from OSFI, CSA, and PIPEDA. Breach notification requirements are outlined. Finally, the document discusses CASL spam regulation including express consent requirements and recent enforcement actions.
The CIO should understand how different departments within their company use technology, who the key stakeholders are, and the financial situation of the company. They should also understand the key players and trends within their industry. The CIO should participate in strategic business planning by providing a technology perspective and thinking creatively about how to leverage technology to support business goals. Finally, the CIO should work to increase revenue through technology by developing plans to engage different customer profiles and prospective clients, and promote their company within the industry through attending events, public speaking, and publishing content.
The document discusses how several accounting firms and a legal insurance company use digital signatures to streamline processes such as client onboarding, document routing, and signature collection. It provides examples of the types of documents signed digitally and highlights top features of digital signature platforms like DocuSign, Adobe EchoSign, and RightSignature that allow for complicated routing, cloning of documents, reminders, and audit trails of signed documents. The document also shares upcoming product releases from an e-signature company targeted towards accountants to further integrate signature collection into accounting workflows and document management systems.
Experion Data Breach Response Excerpts, by Peter Henley
The document provides guidance on preparing for and responding to a data breach. It outlines key steps to take within the first 24 hours of discovering a breach, including securing affected systems, documenting details, notifying stakeholders and engaging forensic experts. It emphasizes the importance of having an incident response plan and team in place before a breach occurs to coordinate response efforts. The plan should include guidance for various departments and identify roles for assembling a response team, investigating breaches, notifying affected individuals, and working with external vendors and law enforcement.
If anything became clear this past year when it comes to cyber security, it’s that no one is immune from a successful attack. While a certain flow of news-making breaches are to be expected, this past year was more of a waterfall than a trickle. In addition to the many retailers that were breached, there was healthcare, eCommerce, government agencies, and well-known tech companies and financial services brands that are household names.
This HP playbook is designed to close the disconnect between how senior leadership at most enterprises are currently prepared to publically respond to a serious data breach and what they actually need to know and have in place to be successful.
This whitepaper goes over the facts about data breaches and identity theft, offers ways to prevent them from happening, and offers ways to do damage control after they do. http://www.nafcu.org/affinion
Bradley's panel reacts to and addresses a hypothetical cyber incident involving a widespread compromise of consumer healthcare and financial information. Amy Leopard (Healthcare), Mike Pennington (Litigation), John Goodman (Litigation), Elena Lovoy (Financial Services), and moderator Paige Boshell (Intellectual Property, Financial Services) will offer legal and practical strategies to proactively respond to and resolve a specified data breach. Highlights will include customer notice strategies, attorney-client privilege and litigation avoidance strategies, and coordination with third parties, including external PR and forensic investigators, vendors, regulators, and law enforcement.
Bracket Capability For Distributed Systems Security (Talal Alsubaie)
The document summarizes Talal A. Alsubaie's 2001 paper on bracket capabilities for distributed systems security. It discusses access control methods like access control lists and capabilities. It then presents a case study of an e-banking system implemented in Java that uses bracket capabilities and role-based access control to restrict access to bank account objects and views based on a user's role (e.g. teller, manager, account owner). Bracket capabilities allow refining the interface exposed to restrict a user's access to only required methods.
A talk about how to design code that helps avoid some of the issues identified in the OWASP Top 10. Domain Driven Security is one of the main tools for achieving this.
This document discusses different types of keyloggers, ways to evade them, and how to remove spyware. It mentions hardware and interface keyloggers, ways to evade them such as using a virtual keyboard or a firewall, and how to use CCleaner and Malwarebytes to remove spyware: download them first, then run them in safe mode to clean temporary files, cookies and the registry and remove any malware found, before restarting the computer in normal mode and scanning with an antivirus.
Chapter 9: Objectives
-----------------------------------------------------------
Explain how ACLs are used to filter traffic.
Compare standard and extended IPv4 ACLs.
Explain how ACLs use wildcard masks.
Explain the guidelines for creating ACLs.
Explain the guidelines for placement of ACLs.
Configure standard IPv4 ACLs to filter traffic according to networking requirements.
Modify a standard IPv4 ACL using sequence numbers.
Configure a standard ACL to secure vty access.
Explain the structure of an extended access control entry (ACE).
Configure extended IPv4 ACLs to filter traffic according to networking requirements.
Configure an ACL to limit debug output.
Explain how a router processes packets when an ACL is applied.
Troubleshoot common ACL errors using CLI commands.
Compare IPv4 and IPv6 ACL creation.
Configure IPv6 ACLs to filter traffic according to networking requirements.
Yaser Rahmati | یاسر رحمتی
Rahmati Academy | آکادمی رحمتی
www.yaser-rahmati.ir
www.rahmati-academy.ir
Dealing Data Leaks: Creating Your Data Breach Response Plan (benefitexpress)
Learn what steps an employer must take after their IT systems are breached. Covers both state and federal rules regarding employer data breach responses.
The document discusses firewall design principles, characteristics, and types. It describes three common firewall configurations: screened host with single-homed bastion host, screened host with dual-homed bastion host, and screened subnet. It also covers trusted systems, access control, and defending against Trojan horse attacks.
Two-Factor Data Security Protection Mechanism for Cloud Storage System (Nexgen Technology)
This document provides an overview of secure coding practices for developers. It discusses secure design principles like defense in depth and least privilege. It also covers secure coding practices such as input validation, escaping, and HTML sanitization. The document provides examples of good and bad code related to reflecting user input, access control, and request authenticity. It also defines key security terms and outlines strategies for handling user input and encoding output.
Access control lists (ACLs) are used on routers to control traffic flows by filtering packets. Standard ACLs filter on source IP address only, so they cannot distinguish between destinations and are usually placed close to the destination; extended ACLs filter on source IP address, destination IP address, protocol and port, so they can be placed close to the source to block a specific flow. Wildcard masks specify which bits of an IP address must match for an ACL entry to apply: a 0 bit in the mask must match exactly, a 1 bit is ignored.
The document discusses operating system (OS) security. It begins by defining an OS and explaining that OS security refers to protecting information and data used on a computer system. It then lists some key OS security issues like physical security, authentication, software vulnerabilities, and malware. Several main security threats to OS are described such as unauthorized access, unauthorized resource use, data theft, and denial of service attacks. The document provides precautions to improve OS security like setting BIOS passwords, using strong user account passwords, encrypting data, installing antivirus software, and using a personal firewall. It states that Linux and other UNIX-based systems are generally more secure than Windows due to fewer viruses and malware. The conclusion emphasizes that security depends on the
This study guide is intended to provide those pursuing the CCNA certification with a framework of what concepts need to be studied. This is not a comprehensive document containing all the secrets of the CCNP nor is it a “braindump” of questions and answers.
I sincerely hope that this document provides some assistance and clarity in your studies.
The document consists of citations for pages 1 through 84 of the book "Complete Idiot's Guide to MBA Basics" by Tom Gorman, published in 1998 by Alpha Books in Indianapolis, Indiana. It provides an overview of the table of contents and content across 84 pages but no other contextual details about the book.
Goals of Protection
Principles of Protection
Domain of Protection
Access Matrix
Implementation of Access Matrix
Access Control
Revocation of Access Rights
Capability-Based Systems
Language-Based Protection
This document summarizes a presentation on data protection compliance. It discusses choosing the right partner for data protection services. Specifically:
- Credibility is important - look for recognized brands, references from similar customers, and physical facilities. Trade body memberships also signal credibility.
- Compliance involves standards like ISO 27001 for information security and ISO 9001 for quality management. Shredding services should meet BS EN15713 for secure destruction and CPNI approval for classified documents.
- Culture matters - look for a strong customer focus, comprehensive service scope, health and safety emphasis, and investment in staff and technology.
Data Breach Response is a Team Sport discusses the importance of having a coordinated response plan and team in place to respond to a cybersecurity incident or data breach. It recommends identifying a cybersecurity leader, understanding applicable laws and obligations, determining critical data assets, creating flexible response plans for different scenarios, ensuring the right technology is in place, understanding insurance policies, assessing vendor risks, and learning from past incidents to improve plans. The presentation emphasizes that responding to a breach is complex, time sensitive, and involves many stakeholders, so preparation and cross-functional coordination are essential.
This document provides an overview of chapter 1 of the CNIT 125 course on information security and CISSP preparation. It covers key security terms like confidentiality, integrity, and availability that make up the CIA triad. It also discusses security governance principles such as strategic planning, change management, data classification, and defining security roles and responsibilities. Finally, it introduces several common security control frameworks and standards like ISO 27000, NIST 800 series, and COSO that are used to implement controls and ensure compliance.
Is your organization ready to respond to an incident? More specifically, do you have the people, process, and technology in place that are required to cope with today's threats?
This webinar will provide practical steps on how to assess your organization's risks, threats, and current capabilities through a methodical and proven approach. From there, it will detail the people, process, and technology considerations when standing up or revitalizing an incident response (IR) program.
Specifically it will cover the four pillars of a modern IR function:
- Identify what must be protected
- Scope potential breach impact to the organization
- Define IR management capabilities
- Determine likely threats and their potential impact
Our featured speakers for this webinar will be:
- Ted Julian, Chief Marketing Officer, Co3 Systems
- Richard White, Solutions Principal, HP
ch1.pptx Chapter 1 of CISSP (drsajjad13)
This document provides an overview of chapter 1 of a course on information security and CISSP preparation. It covers several topics including security control frameworks, compliance, laws and regulations, professional ethics, security documentation, business continuity, personnel security policies and procedures, risk management concepts, security terms, and security governance principles. Specific frameworks discussed include ISO/IEC 27000, Zachman, TOGAF, DoDAF, and MODAF. It also covers concepts like the CIA triad of confidentiality, integrity and availability, as well as subjects, objects, defense in depth, due care and due diligence, and more.
Ingenia consultants - 9 basic steps towards TRM compliance (Sami Benafia)
This document provides an overview of a practical approach to technology risk management (TRM) compliance. It discusses key areas including data inventory, risk management, incident and problem management, and outsourcing.
The first section introduces common financial institution regulations around technology risk. It emphasizes the need for all financial institutions, large and small, to comply.
The next sections outline steps for conducting a data inventory, performing risk assessment and management, establishing incident response processes, and properly managing outsourced systems and data. Specific considerations are provided around data classification, access controls, backup protocols, and response time objectives.
The final section warns of risks associated with third party vendors, including potential data breaches and financial and reput
Role of The Board In IT Governance & Cyber Security - Steve Howse (CGTI)
This document discusses I.T. strategy, risk management, and governance. It begins with an introduction of Steve Howse, the president of Millington & Associates, and his background. The document then discusses what I.T. strategy and governance entail and why they are important. It introduces the "20 questions" framework as a tool to assess I.T. strategy, risk, and governance. The questions are categorized into strategic issues, internal control issues, and risk issues. The document dives deeper into examples of risks and what organizations can do to address risks such as dedicating board members to I.T. committees and ensuring business continuity plans are tested.
This document provides an overview of Chapter 1 of the CNIT 125 course on information security and CISSP preparation. Part 1 discusses security terms like the CIA triad of confidentiality, integrity and availability. It also covers security governance principles such as data classification, roles and responsibilities, and strategic/tactical/operational planning. Part 2 introduces several security control frameworks and standards for compliance, as well as legal/regulatory issues involving computer crime, liability, and intellectual property.
Slides for a college CISSP prep course. Instructor: Sam Bowne
Taught online for Coastline Community College and face-to-face at City College San Francisco.
Based on: "CISSP Study Guide, Third Edition"; by Eric Conrad, Seth Misenar, Joshua Feldman; ISBN-10: 0128024372.
More information at https://samsclass.info/125/125_F17.shtml
When thinking about cybersecurity, you have to move past the lone thought of data breaches. Cybersecurity should include preparing for the slew of additional threats that are out there. Take a peek at this review of today’s most prevalent cybersecurity risks and see the steps to identifying, preventing, detecting, responding to and recovering from attacks.
This document outlines a 5-step process for improving an organization's incident response plan. Step 1 involves determining what constitutes an incident based on factors like asset criticality and impact. Step 2 is defining roles and responsibilities and ensuring the team is prepared. Step 3 is testing the plan through exercises to identify weaknesses. Step 4 focuses on improving communications plans. Step 5 is measuring the potential impact of incidents to understand recovery objectives. The overall goal is to create a well-defined, tested plan with the right people assigned to effectively respond to security incidents.
Privacy Breaches - The Private Sector Perspective (canadianlawyer)
Discusses issues that arise in organizations when faced with a privacy breach. Compares attitude and approach of organizations with those of privacy regulators.
Webinar: Don't Be a Victim to Cyber Liability Risks (KeenanSolutions)
Data is everywhere within our organizations. Not protecting the data puts your organization at risk of lawsuits and other regulatory fines.
Cyber liability is one of the newest emerging risks that schools, public agencies, and healthcare organizations must manage on a daily basis. Don’t become one of the almost 4,500 organizations across the United States who were victims of a data breach within the last 10 years.
This document summarizes a presentation given by Brian Hamilton on privacy, security, and access to data. It discusses the role of the Office of the Information and Privacy Commissioner of Alberta in overseeing privacy laws and reviewing research proposals. It outlines how the office analyzes information sharing and big data initiatives to ensure privacy is protected. Tips are provided for developing privacy controls and gaining approval, including conducting a privacy impact assessment and developing expertise in privacy principles.
The document provides information about Leo Lourdes and his foundation in cyber security. Leo Lourdes has extensive training and certifications in IT management, project management, information security and service management. The objective of his cyber security foundation is to prevent harm to computer networks, applications, devices and data. The training covers topics such as the CIA triad, security governance, risk management and cyber threats.
Why your Information Security MUST mesh with your Business Continuity Program (PECB)
Data breaches, cyber-attacks and hacking should be thought of as inevitable consequences of our interconnected world. We’re reliant on data and machines which makes us vulnerable when those assets are abused. Information and cyber security measures seek to prevent data breaches and losing control of systems and processes that, for example, use industrial control systems. Business continuity (BC) programs/plans stand as an organization’s last line of defense against any number of threats and hazards, not the least of which are data breaches and hacked control systems. There is added value from good business continuity planning. A rigorous BC program always has included IT disaster recovery, but the preparedness that stems from robust BC plans can deter cyber-attacks and protect an organization – including its reputation – when those attacks occur.
Main points covered:
• Why is the Information Security and Business Continuity plan incorporation important?
• Is hacking inevitable?
• How are Information Security and Business Continuity linked?
• How Business Continuity and Information Security stand as the last line of defense
• What is the ‘best’ plan that we should follow to be protected from threats?
Presenter:
Dr. Ed Goldberg, MBA, BSEE, CBCP, manages Eversource’s BC & DR programs in Berlin, CT and served 10 years as IT manager at Millstone Nuclear Power Station. Ed is a Certified Business Continuity Professional with 25+ years IT and management experience. He served 4 terms as president of the Connecticut ACP and is a popular conference speaker and published author. Also, Ed served 5 years as adjunct faculty and 8 years as core faculty at Capella University where he mentored PhD students, taught and developed IT management and general PhD research coursework. He also taught MBA and IT coursework at Albertus Magnus College for 11 years.
Link to the recorded webinar: https://youtu.be/ePNhhGgaEFc
This presentation reviews GDPR at a high level, and presents the core philosophy behind GDPR as well as the key concepts and key elements to consider in your data protection program.
This document provides an overview of privacy impact assessments (PIAs). It defines a PIA as an analysis of how information is handled to ensure legal and policy compliance and evaluate privacy risks. The document outlines when PIAs are required, their typical anatomy, and how they fit into the project life cycle. A PIA assesses the collection, use, disclosure and security of personal information and makes recommendations to address any risks to privacy compliance.
Ecno cyber - 23 June 2023 - djm(137852631.1).pptx (Dan Michaluk)
One hour presentation to IT professionals at Ontario school boards. Covers labour issues in MFA rollout, threat information sharing and business e-mail compromises and PHIPA.
Critical Issues in School Board Cyber Security (Dan Michaluk)
An hour presentation to school board officials in Ontario on cyber security issues, covering the threat environment, defense, incident response, threat information sharing and vendor issues.
Higher Education Sexual Violence Presentation (Dan Michaluk)
This document summarizes a presentation on institutional policy and liability regarding sexual assault on campus. It discusses key policy issues around confidentiality and control, non-disclosure agreements, and running fair hearings. It also reviews relevant legislation and case law from universities in Manitoba, Windsor, and the US. The presentation aims to help institutions balance survivor agency, risk management, and procedural fairness in their policies and practices.
Cyber class action claims at an inflection point (Dan Michaluk)
This document summarizes three Ontario court cases related to privacy class actions and data breaches. The first case found that the defendant's response to a data breach was exemplary and that plaintiffs failed to prove compensable damages or that identity theft was caused by the breach. The second and third cases found that failures to prevent data intrusions do not constitute the intentional tort of intrusion upon seclusion, and that vicarious liability does not apply to actions of former employees. These cases set precedents that make it difficult for plaintiffs to win privacy class actions in Ontario. The document discusses implications for data breach responses and potential alternatives to class actions for enabling justice around privacy issues.
One hour presentation to Ontario public sector institutions that looks at the privacy and security implications of the main information flows associated with COVID-19 workplace health and safety.
Here's a one hour presentation to Canadian municipal lawyers on the union right of access to information that arises under labour law and how it has fared against employee privacy claims.
The privacy and security implications of AI, big data and predictive analytics (Dan Michaluk)
This document discusses the privacy and security implications of AI, big data, and predictive analytics in the workplace. It provides an overview of workplace privacy law in Canada, including statutes that govern the handling of employee personal information. While no Canadian law directly addresses AI and predictive analytics, statutes support employee control over personal information not related to employment and transparent data processing. The document examines potential AI applications in fraud detection, data security, process automation, and employee retention. It also discusses challenges around collecting and using employee data for AI models and the possibility of future AI regulation in Canada.
Advocates' Society Tricks of the Trade 2019 - A Privacy Update (Dan Michaluk)
This document summarizes key issues regarding privacy law in Canada. It discusses two questions: whether evidence obtained in breach of privacy would be excluded in non-criminal cases, and what has been learned about the elements and defenses of the intrusion upon seclusion tort since a recent case. Regarding the first question, the document concludes evidence is rarely excluded. For the second question, it outlines the elements and defenses established in the recent case, and analyzes how subsequent cases have applied those standards.
Privacy, Data Security and Anti-Spam Compliance (Dan Michaluk)
45 min prez to compliance professionals at Canadian financial institutions. A survey presentation covering privacy, data security and anti-spam (CASL).
I hate the term "breach" - please call it a "security incident" - but the term "breach coach" is certainly ingrained. Posting today's presentation on the role of the coach as I step out the door to an insurance sector event.
Who is the "health information custodian" when an institution with an educational mandate provides health care? PHIPA gives institutions a choice. Here's a presentation I gave yesterday in which I argue that the institution (and not its practitioners) should assume the role of the HIC.
This document provides tips and tools for collecting internet evidence. It discusses using WHOIS searches to find information about domain registrants, the Wayback Machine for archived website snapshots, reverse image searches to verify identities, and various social media search tools like AllMyTweets, Knowem, and Social Searcher. The document cautions that only clients, not assistants, should directly access online accounts and platforms. It also includes an ethics scenario about using a relative's friendship on Facebook to view information about a plaintiff.
Sexual Assault in Higher Education - Law Policy and Practice (Dan Michaluk)
This document summarizes a presentation given at a national conference on campus sexual assault. It discusses recent statutory initiatives in several Canadian provinces to address campus sexual assault. It also compares the new policies in Ontario and British Columbia, noting their common focus on accountability, transparency, and survivor support, as well as differences in policy approval processes and content requirements. Finally, it addresses several legal and policy questions around investigating complaints, ensuring procedural fairness, implementing interim measures, and addressing off-campus incidents.
Student Conduct Investigations - Examining Evidence and Determining Credibility (Dan Michaluk)
The document discusses examining evidence and determining credibility in student conduct investigations. It outlines collecting evidence, analyzing credibility through logical and subjective factors, and recording the analysis. The investigator's role is to gather evidence fairly to determine what happened. Credibility analysis considers evidence coherence, witness motives, recollection details, and predispositions rather than character. The analysis should address all evidence and be clearly articulated for decision makers.
Privacy and breaches in health care - a legal update (Dan Michaluk)
A 45 minute presentation to hospital administrators in Ontario. A state of the nation address on the legal environment related to data security incidents.
This document summarizes key case law related to addressing sexual and gender violence at post-secondary institutions. It discusses jurisdiction, the duty to investigate, standards of fairness, and issues like proof/credibility, expert testimony, and consent. On jurisdiction, institutions must demonstrate impact on campus. The duty to investigate requires a fair process and assessing credibility without treating corroboration as mandatory. High standards of fairness are required given the seriousness of sexual assault allegations. Expert testimony and beliefs about consent can also impact these cases.
Safeguarding Against Financial Crime: AML Compliance Regulations Demystified (PROF. PAUL ALLIEU KAMARA)
To ensure the integrity of financial systems and combat illicit financial activities, understanding AML (Anti-Money Laundering) compliance regulations is crucial for financial institutions and businesses. AML compliance regulations are designed to prevent money laundering and the financing of terrorist activities by imposing specific requirements on financial institutions, including customer due diligence, monitoring, and reporting of suspicious activities (GitHub Docs).
A Critical Study of ICC Prosecutor's Move on GAZA War (Nilendra Kumar)
ICC Prosecutor Karim Khan's proposal to its judges seeking permission to prosecute Israeli leaders and Hamas commanders for crimes against the law of war has serious ramifications and calls for deep scrutiny.
The Supreme Court had also held that it is the duty of the magistrate to ensure that officers properly follow the procedure prescribed under the PMLA as well as the constitutional safeguards.
3. Responding to Data Breaches
March 25, 2015
Better breach response
• The Rules of Professional Conduct
• The basis for good breach response
• Incident response planning
• Notification, harm mitigation and risk management
4. Rules of Professional Conduct
• Rule 3.2-2 – shall be honest and candid (breach reporting duty?)
• Rule 3.3-1 – shall hold in strict confidence
• Rule 3.5-2 – shall care for a client's property as a careful and prudent owner would…
5. Why have a formal, written plan?
• Breaches are best managed as crises
• This means
  • Time is of the essence
  • Organizational behaviour can be problematic
• Also
  • Formal incident response plans are required by recognized data security standards (e.g. PCI DSS requirement 12.10, ISO/IEC 27002:2013 clause 16)
6. The basis for good breach response
• Good records management
  • Records classified in accordance with sensitivity
  • Records with personal information tagged
• Strong logging of system activity
• Security intelligence and periodic vulnerability assessments
• Strong vendor contracts (notification, cooperation, control of breach response)
7. What's in a plan?
• Identification – what is an "incident"
• Escalation – reporting duties and accountabilities
• Role and process definition (typically featuring a multi-disciplinary "breach response team")
• Assess – gather facts and triage
• Contain – immediate
• Investigate – five Ws
• Manage – liability, public affairs
8. What's in a plan?
• Don't forget!
  • Communication norms
  • Recordkeeping
  • Confidentiality
9. Identification and escalation
• Internal reporting supports identification
• Make clear that individuals are not to self-assess
10. Identification and escalation
• Other means of identification
  • Internal security analysis (network and system analysis is becoming the norm)
  • External reports (police, customers, credit card companies and others)
11. The incident response team
• Privacy office
• Information security / corporate security
• Legal
• Risk management
• Communications
• Management from affected business (or human resources if employees are affected)
12. Experts to retain in advance
• Why?
  • Objectivity can wither in a crisis
  • Bench strength may be required
• Who?
  • IT forensics
  • Crisis communications
  • Legal counsel
13. Role of legal counsel
• Control strategic direction
• Identify legal risks and potential liabilities
• Input into advocacy
  • Affected persons
  • The media and public
  • Regulators
• Litigation management
14. Practice, test, update
• Annual update
  • Plans should, in general, be scenario-neutral
  • Update based on external and internal analysis
  • From new contact information to new procedure
• Tests / fire drills
  • Identify flaws in detection capability
  • Develop tactical IT skills required for correction
  • Discover data gaps and other problems
  • Garner decision-making confidence
  • Can be an intervention that supports change
15. Notification and remediation
• Outside the health sector, mandatory breach notification currently exists only under Alberta legislation (Bill S-4 will amend PIPEDA)
• But foreign laws will often apply (and notifying half of an affected population does not work)
• Notification may be required by a common law duty if harm is reasonably foreseeable
• Notification may be desirable because people will find out and you can't tolerate the justification process
16. Notification and remediation
• What happened (with identification of personal information elements)
• What you've done to contain it
• Contact information
• Consider
  • An apology
  • Telling people where to get help
  • Making a protective offer
Ian Dick is my partner and my source of guidance on complex litigation. I'll let you read his bio, but what you won't see on there is experience in the mop-up after major crises including Walkerton and the tainted blood scandal.
With no slight to Ian, I'll say that I know the reason you're all here is to see Karen Gordon of Squeaky Wheel Communications. Karen and I cut our teeth together on a 65,000-person data breach in 2006. It's very important when you're in a crisis to have legal and communications work in tandem. We had that, and I can say very confidently from that file and subsequent files that Karen is an amazing crisis communicator.
Not making a general pitch on taking care of data security….
Our pitch is more specific
It's about the need to plan ahead for the inevitable
To create a written, reasonably robust incident response policy
Who's got one?
Spend 30 minutes – making the pitch and explaining how
-one of three components here but is the key message
Ian
(Explain and frame presentation as supportive of Rule compliance.)
You need a breach response plan because you will be in crisis
-Important decisions…
-…about significant harms…
-…under great time pressure (as soon as reasonably possible, 30 days from discovery under the proposed Obama legislation)
If you do not plan in advance you will be slow
-poor identification and escalation
-responsibility and authority won't be clear or will be dispersed
-resources won't be clear
Protect against bad behavior
-groupthink - one person accountable will promote the best decision-making
-self-protection - themes/messages
"when they come asking, you will answer"
"we will not tolerate self-protecting behavior"
-PCI-DSS – 12.10
-ISO 27002 – requirement 16
Ian
-Not starting from scratch!
-Look at ISO – 27002:2013 requirement 16
-Look at PCI-DSS – 12.10
-Calibrate to your culture and tolerance. Err towards bureaucratic for this type of policy.
…
-core elements on this slide
-policy to facilitate identification and escalation
-role and process definition
-who is responsible for what
-at each stage of the process
-what resources are available and can be drawn upon
Also address critical communication and recordkeeping issues
Questions to answer via policy
-How will people be contacted on a 24/7 basis?
-What's the back up plan? (Anticipate network failure)
-What will and will not be communicated over email?
-What will and will not be said to others over e-mail?
-Who keeps a record of decisions and their rationale? In what form?
These things also go in policy
-Commitment to training and communication
-Commitment to periodic review and updating
Ian
-note that this one is narrow
-excludes "significant threats" and "near misses"
Ian
-Recognition that these are complex problems that require (for due diligence) expert input
-This is a typical team
-Do you have a significantly different composition at your organization?
-Appropriate for the team, or an individual on the team, to have broad decision-making authority, at least to make the types of decisions that can be readily anticipated
-shut down an affected service
-retain outside assistance
-authorize communications to public
-authorize communication to authorities
-make remedial offers
Consensus? One person assigned?
Ian
Two kinds of legal advisors
Strategic advisor – explained on this slide
Expert advisor – sounding board, notification opinions
Note that your incident response policy may affect whether you can claim privilege over communications
If the breach response process is framed as a process of getting information to counsel so counsel can advise, then communications in support of that process are likely to be privileged
May be more difficult when the lawyer is merely part of the team, but if you establish by policy that the lawyer's only role is to provide legal advice, you should be okay
-annual update is the best practice
-if you drill into specific risks, update the risks based on an annual risk assessment
…
-fire drills may be appropriate