Attention:
Card image cap

Cybersecurity and Ransomware Attacks: Best Practices


Level: Intermediate
Runtime: 50 minutes
Recorded Date: April 18, 2024
Click here to share this program
Printer-Friendly Version
Closed Caption

Agenda

  • Ransomware Environment: Past 6-8 Months
  • First 24-48 Hours of an Attack
  • Containment
  • Role of Outside Counsel
  • Key Strategic Communications Principals
  • Ransom Payments: Key Risks
  • Securing Digital Assets
  • Current Trends
  • Threat Actor Intermediaries
  • Communications Strategy
  • SEC Regulations
  • Governance and Regulatory Compliance
  • Overview

For NY - Difficulty Level: Both newly admitted and experienced attorneys

Description

This program highlights the escalating threat of ransomware attacks, emphasizing the need for robust cybersecurity measures and skilled professionals in cyber law and communication to manage breach incidents effectively.
With ransomware becoming increasingly sophisticated and fast-paced, containment within the initial 24-48 hours is paramount. This requires the implementation of endpoint detection and response tools. Legal counsel plays a crucial role in containing such attacks, focusing on brand protection, communication strategies, and navigating the risks associated with paying ransom. However, identifying and addressing ransomware threats pose challenges for law enforcement and tech companies due to the lack of attribution and ownership by attackers.

Companies face mounting pressure to communicate promptly and effectively during ransomware incidents, balancing the risks of reputational damage and regulatory compliance. Transparency and communication emerge as key principles in handling such attacks to maintain trust and reputation, necessitating proactive planning and involvement of all stakeholders in simulations and discussions. Compliance with regulatory disclosure requirements, such as the SEC's rules for reporting cybersecurity incidents, adds complexity to incident response protocols and underscores the importance of having clear processes in place to prevent and manage ransomware attacks.


Provided By

Card image cap Securities Docket
Card image cap

Panelists

Card image cap

David Simon

Partner
Skadden

Formerly a Pentagon special counsel and chief cyber counsel to the U.S. Cyberspace Solarium Commission, Mr. Simon regularly assists clients as the lead investigator and crisis manager for high-stakes, cross-border incidents involving cyberattacks, data breaches and extortion, and AI, and handles related internal investigations and regulatory defense.

Mr. Simon has dealt with some of the most significant cyber incidents on an international scale. His experience includes advising victims of state-sponsored cyber activity, ransomware and other cyber extortion attacks, as well as breaches of health information, sensitive government information, intellectual property and personal data. Dual qualified to practice in the U.S. and the EU, he often represents global companies in connection with cyber incidents requiring analysis of breach reporting obligations under U.S. and EU law, including the EU General Data Protection Regulation (GDPR) and investigations by European data protection authorities. He has counseled companies on major cyber incidents and incident preparedness across virtually every industry, including financial, health care, energy, chemical, defense and aerospace, telecommunications and hospitality.

Mr. Simon is known as a go-to cyber and privacy counsel to leading global private equity sponsors and their portfolio companies, stepping in to serve as cyber counsel and incident commander when portfolio companies face ransomware or other disruptive cyberattacks. He frequently counsels boards, C-level executives and other management as they address cyber vulnerabilities and breaches, and manage associated legal, regulatory and reputational consequences. In recent years, Mr. Simon has convened regular roundtables with CISOs, CIOs and CTOs from leading global private equity firms and their portfolio companies to assess trends and risk management strategies concerning cybersecurity, AI and privacy. With years of experience working in data protection privacy compliance, Mr. Simon often advises clients on complex regulatory issues involving the collection, storage, use, transfer and sharing of personal and other sensitive data. He counsels clients on data governance and privacy compliance with HIPAA, ECPA, CCPA/CPRA, EU GDPR and a range of EU laws governing data protection and technology supply chain risk management. Mr. Simon is widely known for his experience regarding the legal and policy issues at the intersection of cybersecurity, privacy, AI and national security. In addition, he has significant experience with the evolving cybersecurity and privacy legal framework applicable to the internet of things (IoT) and product cybersecurity, operational technology (OT) and industrial control systems (ICS).

He has been recognized by Chambers USA for his “global, holistic view of the cybersecurity world,” The National Law Journal as a Cybersecurity & Data Privacy Trailblazer, The Legal 500 for his “extensive experience of cyber incidents and investigations” and Cybersecurity Docket as a member of the Incident Response 40, a collection of some of the “best and brightest” incident response attorneys in the country.

Card image cap

Scott Lindlaw

Partner
FGS Global

Scott Lindlaw is a Partner in the Washington, DC office. He advises clients on a wide range of crisis and positioning issues, including responding to and preparing for cyber-incidents. He also supports companies engaged in intellectual property and commercial litigation, antitrust matters and disputes with the government.

Scott is an attorney and veteran journalist. Before joining the firm, he practiced cybersecurity and intellectual property law at the firm Orrick, Herrington & Sutcliffe LLP.

For the last two years, Scott has been named to Business Insider's ""Top Public Relations Experts CEOs Scramble to Hire in a Crisis.""
Prior to his legal career, Scott was a reporter for The Associated Press for 16 years. He served for four years as an AP White House correspondent, covering President George W. Bush's first term; covered the statehouses in Providence, Rhode Island, and Sacramento, California; was part of a team nominated for a Pulitzer Prize for disaster coverage; and reported on the criminal and civil trials of O.J. Simpson.

Scott serves on the board of directors of the First Amendment Coalition, a nonprofit public interest organization dedicated to advancing free speech and more open and accountable government.
He earned his J.D. and his master's degree in journalism at the University of California, Berkeley and received a B.A. in English with a minor in public policy from the State University of New York at Buffalo.

Card image cap

Antony Kim

Partner
Latham & Watkins

Tony Kim represents clients across the full spectrum of advisory and enforcement matters implicating cybersecurity, data privacy, and consumer protection issues. Mr. Kim helps companies navigate crises to avoid legal, risk, and reputational landmines. He also defends clients in regulatory investigations and enforcement actions by the Federal Trade Commission (FTC) and State Attorneys General, as well as in consumer class actions.

Mr. Kim partners with stakeholders in legal, IT/infoSec, product, growth, engineering, marketing, investor relations, communications, the c-suite, and the board/audit committee across governance, compliance, and crisis management contexts.

Card image cap

Katherine Doty Hanniford

Partner
Alston & Bird

Kate Hanniford is a partner on Alston & Bird’s Technology and Privacy, Cyber & Data Strategy teams. She focuses her practice on cybersecurity and privacy compliance and enforcement. Kate has provided advice on a range of cybersecurity topics, including compliance with various cybersecurity standards, managing cyber risk at all levels of the enterprise, cybersecurity governance, and responding appropriately to security incidents. She also actively monitors cybersecurity-related legislative and regulatory developments at the state and federal levels to provide advice on potential impacts.

Kate also assists securities-industry clients with compliance with SEC and FINRA rules and standards, including SEC (OCIE) examination preparation and enforcement matters as well as Reg SCI and cybersecurity preparedness. She is well-versed in the scale and complexity of incident response in highly regulated industries, having handled incident response for public issuer, broker-dealer, and investment adviser data security and privacy incidents as well as some of the largest healthcare breaches in recent years. The Best Lawyers in America? regularly recognizes Kate on its “Ones to Watch” list in the area of Technology Law.


Card image cap

Similar Courses

Card image cap
64 minutes
"I Am Not a Cat" Proceedings in a Virtual World
Besides becoming a pop-culture catchphrase, how has the shift to a virtual environment impacted proceedings over the last year, and what changes do you believe are here to stay? Our panel of experts will examine some of the greatest challenges, faux pas, and successes in virtual proceedings over the course of this transformative time.

Women, Influence & Power in Law Conference

$65

Add to Cart
Card image cap
63 minutes
2021: The Year of the ELM
Panelists will clarify what constitutes an ELM platform, examine its unique and compelling capabilities, and discuss its strategic and tactical advantages, particularly those stemming from data-driven insights and machine-driven decision making. Attendees will gain a clear understanding of the significance of the emergence of ELM solutions, what firms and law departments can achieve with ELM platform, and practical and ethical considerations related to adopting an ELM solution.

Legalweek

$65

Add to Cart
Card image cap
118 minutes
A Comprehensive Guide on Non-Fungible Tokens (NFTs): Managing Potentials and Perils
In this program, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the recent trends and significant challenges surrounding NFTs and the associated legal landscape, including helpful insights to avoid potential risks.">In this program, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the recent trends and significant challenges surrounding NFTs and the associated legal landscape, including helpful insights to avoid potential risks.

The Knowledge Group

$165

Add to Cart
Card image cap
85 minutes
A Practical Guide in Drafting Data Privacy and Security Agreements: Mitigating Data Security Breach Risks
Listen as experienced data security attorneys Kenneth Dort (Faegre Drinker Biddle & Reath LLP) and Melissa Krasnow (VLP Law Group LLP) provide a comprehensive discussion of the latest trends, developments, and critical issues surrounding data privacy and security agreements. They will, among other things, offer practical tips and strategies for drafting these provisions in light of recent developments and the current legal landscape.

The Knowledge Group

$115

Add to Cart
Previous Next