Cybersecurity Incident Response Plans: The Who, What, When, Where, Why and How

All too often, companies think that if they don't maintain consumers' personal information, their risk of falling victim to a cyberattack is low. Unfortunately, these incidents occur in companies of all sizes and industries - and they are happening with increasing frequency. Companies should no longer anticipate that these breaches may happen. They should instead take the viewpoint that an attack will happen, and they will be prepared.

Cyber preparedness, including a cybersecurity incident response plan (SIRP), has become a baseline requirement of any company's overall risk management strategy. In the immediate wake of a crisis, companies should be able to quickly determine, among other things, who is making decisions, how internal and external communication will be handled, and what steps can be taken to quickly restore confidence and operating continuity. In this program, attorneys Jessica Cohen, Jocelyn Strauber, and Marc Gerber discuss SIRPs and how the first 24, 48 and 72 hours can mean the difference between a breach that is manageable and one that gets out of control. In addition, they address the fact that a company's Board of Directors plays an important role in overseeing cyber preparedness and how investors increasingly scrutinize Boards' actions in this area. 

1. Understand  the Board's role regarding cybersecurity and incident response plans
2. Identify key considerations for developing a response plan and how it fits into a company's overall risk management strategy
3. Develop best practices for conducting a tabletop exercise to evaluate the functionality of a SIRP
4. Recognize the role of a response plan in defending against legal claims and minimizing damages