Skip to main content
2023 Security Congress Main banner
 
Icon Legend
Additional Fee Required
Additional Fee Required
Pre-Registration Required
Pre-Registration Required
Online & Virtual
Online & Virtual
Onsite Only
Onsite Only
Earn CPE Credits
Earn CPE Credits
Livestreamed Session
Livestreamed Session
Included in Guest Pass
Included in Guest Pass
Invite Only
Invite Only
Session Recorded
Session Recorded
Student Experience
Student Experience
Back

Onsite and Virtual

Governance, Risk & Compliance (GRC)

Breach Reports: How to Work Closely with Counsel

Thursday, October 26, 2023
11:05am – 12:05pm CT
Location: Governor's Ballroom B
CPE Credits 1
Online & Virtual Earn CPE Credits Livestreamed Session Session Recorded
Reports generated by internal and external cybersecurity incident response teams are universally requested during the discovery phase of post-incident litigation. They serve as a roadmap for plaintiffs to understand the technical vulnerabilities that allowed the incident to occur. Accordingly, organizations are incentivized to assert and maintain the privilege of the reports to prevent production and limit legal liability. Even though they have compelling interests to share the report internally to harden systems after an incident, the courts have not interpreted privilege to allow both the protection from production and internal use for technical hardening. This session will discuss attorney-client privilege vs. work product privilege and confidentiality, as well as application during a data breach and litigation.

Learning Objectives:

  • Define the fundamentals of attorney-client privilege and work product - specifically, what the doctrines protect and how they are applied in practice during litigation.
  • Recall how organizations in breach litigation have attempted to apply privilege and what courts have relied on to accept or reject privilege claims.
  • Apply best practices when creating potentially discoverable information during an incident response.