See Credit Details Below
This course is not currently eligible for CLE Credit.
Full scholarships and discounts to attend PLI programs are widely available to attorneys working in nonprofit/legal services organizations, pro bono attorneys, government attorneys, judges and judicial law clerks, law professors and law students, senior attorneys (age 65 and over), law librarians and paralegals who work for nonprofit/legal services organizations, unemployed attorneys; and others with financial hardships. We encourage all eligible attendees to complete and submit a PLI Scholarship Application.
Cyber-attacks have wreaked havoc on organizations in nearly every industry sector. A thorough understanding of this area is particularly important for companies that have not previously been in cyber attackers’ crosshairs and need to consider strategies to confront these sophisticated and persistent threats.
The case scenario created by our faculty member, and used in this course, is a fictional account of a cybersecurity breach. Learners are walked through a rich scenario presented in the form of a day-by-day accounting of events and the necessary responses.
What You Will Learn
Day 1: A cybersecurity breach is reported, and the expert investigation begins
- Know what initial actions are taken during internal and external investigations
- Understand why a company may want to collaborate with law enforcement and how law enforcement might engage with a reporting company
- Identify effective ways to respond to a cybersecurity incident
Day 2: Tension Builds
- Understand basic ways that forensic teams analyze the technical artifacts to help determine the threat actor’s objectives and what data may have been compromised
- Understand a PR firm’s role at this stage of a data breach
- Identify the next steps after learning that sensitive data was compromised
Days 3-20: Technical Artifacts
- Know that there are state-specific breach notification laws regarding which individuals must be notified and when in the case of a data breach
- Know that there may be SEC reporting obligations associated with a breach
- Recognize when it may be necessary to bring in additional outside experts, such as an intel expert, to do some deeper digging
Days 21 – 30: Legal Team Activity
- Know some of the key considerations of the legal team such as national and international data breach notification laws and contractual obligations
- Know the key actions to be taken following the investigation, including who should be notified of the breach
- Decide on how to begin releasing news of the cybersecurity incident to the public
Days 31-60: Going Live
- Recognize the many inquiries a company will receive once a data breach is public
- Understand the possible reactions of regulators in a breach event
- Decide the best actions to take after the public learns of a cybersecurity incident
Days 61-90: Lessons Learned
- Know what to expect after news of the breach gets out, from complaints to lawsuits to inquiries from regulatory entities
- Recognize and learn how to avoid some of the most common mistakes made by companies that become victims of cyber attacks
- Recognize the importance of having comprehensive policies and procedures around cybersecurity events
- Decide which steps to take to help protect against future cyber attacks
Who Should Attend
In-house counsel, privacy officers, information security professionals, general practitioners, technology lawyers and others who need a comprehensive update on the rapidly developing issues surrounding cybersecurity.An Interactive Learning Center (ILC) program