SlideShare a Scribd company logo

Cyber Incident Response Checklist for Law Firms

Shawn Tuma
Shawn Tuma

This checklist outlines the steps a company should take in response to a cyber incident. It includes determining if the incident warrants escalation, documenting decisions, mitigating any ongoing compromise, engaging legal counsel, activating an incident response plan, notifying relevant parties such as insurers and business partners, investigating the scope of data compromised, assessing legal obligations, determining if law enforcement or public notification is required, and implementing measures to prevent future breaches. The checklist emphasizes having an incident response plan in place before a breach occurs to facilitate a coordinated response.

Law
1 of 1
Download to read offline
Spencer Fane LLP | spencerfane.com Cyber Incident Response Checklist n Determine whether incident justifies escalation n Begin documentation of decisions and actions n Begin mitigation of compromise n Engage experienced legal counsel to guide through process, determine privilege vs disclosure tracks n Activate Incident Response Plan and notify and convene Incident Response Team n Notify cyber insurance carrier n Notify affected business partners per contractual obligations n Engage forensics to mitigate continued harm, gather evidence, and investigate n Assess scope and nature of data compromised n Preliminarily determine legal obligations based on type of data and jurisdictions n Determine whether to notify law enforcement n Begin preparing public relations message n Engage notification / credit services vendor n Investigate whether data has been “breached” n Determine when notification “clock” started n Remediate and protect against future breaches n Confirm notification / remediation obligations n Determine proper remediation services n Assemble contact information for notifications n Prepare notification letters, frequently asked questions, and call centers n Plan and time notification “drop” n Implement public relations strategy n Administrative reporting (AGs, HHS, FTC, SEC) n Implement Cyber Risk Management Program Assess Cyber Risk Strategic Planning Deploy Defense Assets Develop, Implement & Train on P&P Tabletop Testing Reassess & Refine Cyber Risk Management Program “Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” – S.E.C. v. R.T. Jones Capital Equities Mgt.

Recommended

Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene ChecklistShawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Managing security risks in today's digital era
Managing security risks in today's digital eraManaging security risks in today's digital era
Managing security risks in today's digital eraSingtel
 
Lets talk data security
Lets talk data securityLets talk data security
Lets talk data securityNovosco
 
ICT Security: Defence strategies against targeted attack
ICT Security: Defence strategies against targeted attackICT Security: Defence strategies against targeted attack
ICT Security: Defence strategies against targeted attackDaniele Bellavista
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurityJisc
 
Darryl T. Smith Resume (1)
Darryl T. Smith Resume (1)Darryl T. Smith Resume (1)
Darryl T. Smith Resume (1)Darryl Smith, CISSP
 
Mastering next gen-siem-usecases-part1
Mastering next gen-siem-usecases-part1Mastering next gen-siem-usecases-part1
Mastering next gen-siem-usecases-part1Priyanka Aash
 

Recommended

Cyber Hygiene Checklist
Cyber Hygiene ChecklistCyber Hygiene Checklist
Cyber Hygiene ChecklistShawn Tuma
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Managing security risks in today's digital era
Managing security risks in today's digital eraManaging security risks in today's digital era
Managing security risks in today's digital eraSingtel
 
Lets talk data security
Lets talk data securityLets talk data security
Lets talk data securityNovosco
 
ICT Security: Defence strategies against targeted attack
ICT Security: Defence strategies against targeted attackICT Security: Defence strategies against targeted attack
ICT Security: Defence strategies against targeted attackDaniele Bellavista
 
Communicating cybersecurity
Communicating cybersecurityCommunicating cybersecurity
Communicating cybersecurityJisc
 
Darryl T. Smith Resume (1)
Darryl T. Smith Resume (1)Darryl T. Smith Resume (1)
Darryl T. Smith Resume (1)Darryl Smith, CISSP
 
Mastering next gen-siem-usecases-part1
Mastering next gen-siem-usecases-part1Mastering next gen-siem-usecases-part1
Mastering next gen-siem-usecases-part1Priyanka Aash
 
Audit summary from security solutions and ovation tech
Audit summary from security solutions and ovation techAudit summary from security solutions and ovation tech
Audit summary from security solutions and ovation techMeg Weber
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentationKenneth Dorado, CISA, HCISPP
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsRecorded Future
 
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh ĐứcNETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh ĐứcSecurity Bootcamp
 
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...TruShield Security Solutions
 
Updated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystUpdated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystTiffany Doby
 
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...Laryssa Mereszczak
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsShawn Tuma
 
CV-SMB-infographic-small
CV-SMB-infographic-smallCV-SMB-infographic-small
CV-SMB-infographic-smallJeff Geissler
 
Global Ransomware Attacks
Global Ransomware AttacksGlobal Ransomware Attacks
Global Ransomware AttacksEmily Brown
 
Multimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguisMultimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguissamis
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]Stanton Viaduc
 
Saner 2.0
Saner 2.0Saner 2.0
Saner 2.0SecPod Technologies
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...SaraPia5
 
How to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity ClientsHow to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity ClientsID Experts
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY Indiaaparnatikekar4
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaNina Yadav
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaNishantSisodiya
 
Forensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY IndiaForensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY Indiakarthikswamii
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaSadanandGahivare
 

More Related Content

What's hot

Audit summary from security solutions and ovation tech
Audit summary from security solutions and ovation techAudit summary from security solutions and ovation tech
Audit summary from security solutions and ovation techMeg Weber
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsRecorded Future
 
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh ĐứcNETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh ĐứcSecurity Bootcamp
 
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...TruShield Security Solutions
 
Updated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystUpdated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystTiffany Doby
 
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...Laryssa Mereszczak
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsShawn Tuma
 
CV-SMB-infographic-small
CV-SMB-infographic-smallCV-SMB-infographic-small
CV-SMB-infographic-smallJeff Geissler
 
Global Ransomware Attacks
Global Ransomware AttacksGlobal Ransomware Attacks
Global Ransomware AttacksEmily Brown
 
Multimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguisMultimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguissamis
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]Stanton Viaduc
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthPECB
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...SaraPia5
 

What's hot (16)

Audit summary from security solutions and ovation tech
Audit summary from security solutions and ovation techAudit summary from security solutions and ovation tech
Audit summary from security solutions and ovation tech
 
IASA ey deck presentation
IASA ey deck presentationIASA ey deck presentation
IASA ey deck presentation
 
Top 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPsTop 6 Sources for Identifying Threat Actor TTPs
Top 6 Sources for Identifying Threat Actor TTPs
 
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh ĐứcNETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
NETWORK SECURITY MONITORING WITH BIG DATA ANALYTICS - Nguyễn Minh Đức
 
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
Penetration Testing and Vulnerability Assessments: Examining the SEC and FINR...
 
Updated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analystUpdated Senior Cyber Intel security analyst
Updated Senior Cyber Intel security analyst
 
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
Cal Net Tech Talk Webinar Vulnerability Management 101-10 Essential Rules to ...
 
The Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should IncludeThe Legal Case for Cyber Risk Management Programs and What They Should Include
The Legal Case for Cyber Risk Management Programs and What They Should Include
 
Cybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal ProfessionalsCybersecurity Fundamentals for Legal Professionals
Cybersecurity Fundamentals for Legal Professionals
 
CV-SMB-infographic-small
CV-SMB-infographic-smallCV-SMB-infographic-small
CV-SMB-infographic-small
 
Global Ransomware Attacks
Global Ransomware AttacksGlobal Ransomware Attacks
Global Ransomware Attacks
 
Multimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguisMultimedia content security in file based environments - sami guirguis
Multimedia content security in file based environments - sami guirguis
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
 
Saner 2.0
Saner 2.0Saner 2.0
Saner 2.0
 
Protecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in DepthProtecting the Network From Yourself Using Defense in Depth
Protecting the Network From Yourself Using Defense in Depth
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
 

Similar to Cyber Incident Response Checklist for Law Firms

How to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity ClientsHow to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity ClientsID Experts
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY Indiaaparnatikekar4
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaNina Yadav
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaNishantSisodiya
 
Forensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY IndiaForensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY Indiakarthikswamii
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaSadanandGahivare
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY Indiagauravmiishra701
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY Indiasathish kriishnan
 
Evolution of Forensic Data Analytics - EY India
Evolution of Forensic Data Analytics - EY IndiaEvolution of Forensic Data Analytics - EY India
Evolution of Forensic Data Analytics - EY Indiakarthikswamii
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY Indiasathish kriishnan
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaNishantSisodiya
 
Forensic Accounting
Forensic AccountingForensic Accounting
Forensic AccountingNabendu Maji
 
Incident Mgmt Nov 08
Incident Mgmt Nov 08Incident Mgmt Nov 08
Incident Mgmt Nov 08empower
 
GlobalCollect Data Breach Factsheet
GlobalCollect Data Breach FactsheetGlobalCollect Data Breach Factsheet
GlobalCollect Data Breach FactsheetIngenico ePayments
 
Cybersecurity Incident Management for Small and Medium-sized Businesses
Cybersecurity Incident Management for Small and Medium-sized BusinessesCybersecurity Incident Management for Small and Medium-sized Businesses
Cybersecurity Incident Management for Small and Medium-sized BusinessesCentextech
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Shawn Tuma
 
Cybersecurity: How To Protect Your Law Firm Data
Cybersecurity: How To Protect Your Law Firm DataCybersecurity: How To Protect Your Law Firm Data
Cybersecurity: How To Protect Your Law Firm DataRocket Matter, LLC
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Dan Michaluk
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsPeter Henley
 

Similar to Cyber Incident Response Checklist for Law Firms (20)

How to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity ClientsHow to Manage a Data Breach Involving Multiple Covered Entity Clients
How to Manage a Data Breach Involving Multiple Covered Entity Clients
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY IndiaForensic Services and Global Experience:the Intelligent Connection - EY India
Forensic Services and Global Experience:the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Evolution of Forensic Data Analytics - EY India
Evolution of Forensic Data Analytics - EY IndiaEvolution of Forensic Data Analytics - EY India
Evolution of Forensic Data Analytics - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY IndiaForensic Services and Global Experience: the Intelligent Connection - EY India
Forensic Services and Global Experience: the Intelligent Connection - EY India
 
Forensic Accounting
Forensic AccountingForensic Accounting
Forensic Accounting
 
Incident Mgmt Nov 08
Incident Mgmt Nov 08Incident Mgmt Nov 08
Incident Mgmt Nov 08
 
GlobalCollect Data Breach Factsheet
GlobalCollect Data Breach FactsheetGlobalCollect Data Breach Factsheet
GlobalCollect Data Breach Factsheet
 
Cybersecurity Incident Management for Small and Medium-sized Businesses
Cybersecurity Incident Management for Small and Medium-sized BusinessesCybersecurity Incident Management for Small and Medium-sized Businesses
Cybersecurity Incident Management for Small and Medium-sized Businesses
 
Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.Real World Cyber Risk. Understand it. Manage it.
Real World Cyber Risk. Understand it. Manage it.
 
Cybersecurity: How To Protect Your Law Firm Data
Cybersecurity: How To Protect Your Law Firm DataCybersecurity: How To Protect Your Law Firm Data
Cybersecurity: How To Protect Your Law Firm Data
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?
 
Dion Spencer
Dion SpencerDion Spencer
Dion Spencer
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response Excerpts
 

More from Shawn Tuma

Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Shawn Tuma
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital EngagementShawn Tuma
 
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Shawn Tuma
 
The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Lawyers' Ethical Obligations for Cybersecurity
Lawyers' Ethical Obligations for CybersecurityLawyers' Ethical Obligations for Cybersecurity
Lawyers' Ethical Obligations for CybersecurityShawn Tuma
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemShawn Tuma
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Shawn Tuma
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500Shawn Tuma
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity UpdateShawn Tuma
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesShawn Tuma
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!Shawn Tuma
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...Shawn Tuma
 

More from Shawn Tuma (20)

Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
 
The Dark Side of Digital Engagement
The Dark Side of Digital EngagementThe Dark Side of Digital Engagement
The Dark Side of Digital Engagement
 
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware AttackIncident Response Planning - Lifecycle of Responding to a Ransomware Attack
Incident Response Planning - Lifecycle of Responding to a Ransomware Attack
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
 
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
Reimagine Your Company Operating Again After a Ransomware Attack -- The Lifec...
 
The Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data BreachThe Role of Contracts in Privacy, Cybersecurity, and Data Breach
The Role of Contracts in Privacy, Cybersecurity, and Data Breach
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
 
Lawyers' Ethical Obligations for Cybersecurity
Lawyers' Ethical Obligations for CybersecurityLawyers' Ethical Obligations for Cybersecurity
Lawyers' Ethical Obligations for Cybersecurity
 
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
Cybersecurity is a Team Sport: How to Use Teams, Strategies, and Processes to...
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and Clients
 
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
Cybersecurity is a Team Sport (SecureWorld - Dallas 2018)
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid Them
 
Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)Cybersecurity Fundamentals for Legal Professionals (and every other business)
Cybersecurity Fundamentals for Legal Professionals (and every other business)
 
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
NYDFS Cybersecurity Regulations - 23 NYCRR Part 500
 
Cybersecurity Update
Cybersecurity UpdateCybersecurity Update
Cybersecurity Update
 
Effective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businessesEffective cybersecurity for small and midsize businesses
Effective cybersecurity for small and midsize businesses
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
 
"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!"What Could Go Wrong?" - We're Glad You Asked!
"What Could Go Wrong?" - We're Glad You Asked!
 
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
The Legal Case for Cybersecurity: Implementing and Maturing a Cyber Risk Mana...
 

Recently uploaded

如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书Fs Las
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptjudeplata
 
Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126Oishi8
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm2020000445musaib
 
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书 如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书Fir sss
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书FS LS
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxsrikarna235
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesHome Tax Saver
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书Fir L
 
PPT on information technology laws description
PPT on information technology laws descriptionPPT on information technology laws description
PPT on information technology laws descriptionranaanish11062001
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionAnuragMishra811030
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书E LSS
 
How You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad VisaHow You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad VisaBridgeWest.eu
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书SD DS
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 

Recently uploaded (20)

如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to Service
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
 
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Serviceyoung Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
young Call Girls in Pusa Road🔝 9953330565 🔝 escort Service
 
Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126
 
Essentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmmEssentials of a Valid Transfer.pptxmmmmmm
Essentials of a Valid Transfer.pptxmmmmmm
 
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书 如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
如何办理(KPU毕业证书)加拿大昆特兰理工大学毕业证学位证书
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
 
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptxConstitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax Rates
 
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
如何办理新加坡南洋理工大学毕业证(本硕)NTU学位证书
 
PPT on information technology laws description
PPT on information technology laws descriptionPPT on information technology laws description
PPT on information technology laws description
 
Introduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusionIntroduction to Corruption, definition, types, impact and conclusion
Introduction to Corruption, definition, types, impact and conclusion
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书一比一原版牛津布鲁克斯大学毕业证学位证书
一比一原版牛津布鲁克斯大学毕业证学位证书
 
How You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad VisaHow You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad Visa
 
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 

Cyber Incident Response Checklist for Law Firms

  • 1. Spencer Fane LLP | spencerfane.com Cyber Incident Response Checklist n Determine whether incident justifies escalation n Begin documentation of decisions and actions n Begin mitigation of compromise n Engage experienced legal counsel to guide through process, determine privilege vs disclosure tracks n Activate Incident Response Plan and notify and convene Incident Response Team n Notify cyber insurance carrier n Notify affected business partners per contractual obligations n Engage forensics to mitigate continued harm, gather evidence, and investigate n Assess scope and nature of data compromised n Preliminarily determine legal obligations based on type of data and jurisdictions n Determine whether to notify law enforcement n Begin preparing public relations message n Engage notification / credit services vendor n Investigate whether data has been “breached” n Determine when notification “clock” started n Remediate and protect against future breaches n Confirm notification / remediation obligations n Determine proper remediation services n Assemble contact information for notifications n Prepare notification letters, frequently asked questions, and call centers n Plan and time notification “drop” n Implement public relations strategy n Administrative reporting (AGs, HHS, FTC, SEC) n Implement Cyber Risk Management Program Assess Cyber Risk Strategic Planning Deploy Defense Assets Develop, Implement & Train on P&P Tabletop Testing Reassess & Refine Cyber Risk Management Program “Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” – S.E.C. v. R.T. Jones Capital Equities Mgt.