Total Credits: 1.5 CLE, 0.5 Ethics
It is now clear that every company is at risk of a cyber-attack no matter how diligent and sophisticated they are at cybersecurity and in today’s cyber world, there is no such thing as “secure”. Add to that, the SEC has recently shown its seriousness about cybersecurity and is making it a priority, with multiple enforcement actions being brought recently against companies for cybersecurity-related issues. Most companies recognize that cyber-attacks such as a ransomware attack require a technical response but do not realize that there are legal and business issues that must be addressed as part of the incident response process, especially for those companies that are regulated by the SEC. One of the most important factors in getting this right is to prepare for it ahead of time.
This session will discuss the lifecycle of a ransomware attack and address key phases such as: how they happen, what the process is for recovery and investigation, and what can be done ahead of time to prepare for and hopefully prevent them from happening. It will then demonstrate how this understanding should inform how companies develop and mature their cyber risk management program with a foundation that focuses on the end game of what must be done when the unthinkable happens so that, if it does, they are prepared and able to meet their obligations.
Michael Patterson, Spencer Fane LLP
Shawn Tuma, Spencer Fane LLP
|SecReg11172021.pdf (5 MB)||81 Pages||Available after Purchase|