Responding to a Data Breach

When a company discovers it is the victim of a cyberattack, every moment is critical. Companies must not only contain the attack and mitigate the damage, they also must quickly manage an array of demands and pressures from the media, government officials, customers, business partners and shareholders. The rapidity and efficiency with which a company responds to a cyberattack is now a subject matter of regulatory inquiry and claims asserted by private plaintiffs. Join Skadden partners Stuart Levi, Cyrus Amir-Mokri, and Peter Luneau for a discussion on key considerations in managing an attack and minimizing legal exposure.

Learning Objectives:

I.     Develop and test your Security Incident Response Plan (SIRP)

II.    Ensure strong communication between senior management and boards before, during and after an attack

III.   Interpret cyber insurance policies

IV.   Use forensic experts to determine approach to remediation efforts

V.    Interact with law enforcement and regulators

VI.   Identify State and federal data breach notification requirements

VII.  Summarize regulatory obligations for disclosure

VIII. Review public statements/disclosures for consistency with legal requirements

IX.   Prepare for ensuing litigation