Haynes Boone Partner Micah Skidmore recently helped lead a cybersecurity workshop for the Center for American and International Law’s 57th Academy of American and International Law. Read a recap of the event below:
Each year, the Academy gathers lawyers from more than 20 countries to study United States law and various international business transactions issues such as international arbitration and litigation, intellectual property, cybersecurity, human rights and business, and negotiations. Since 1964, the Academy has gathered over 3,300 lawyers from 121 countries to learn from some of the greatest teachers and practitioners of international law in the United States.
In the workshop, each participant was assigned a corporate leadership role and asked to spot the issues throughout various stages of a cybersecurity crisis.
Below are the top eight takeaways from the workshop:
1. Nobody thinks that this is going to happen to them. It is better to prepare for an event that never happens than to be unprepared when an incident occurs. Cyber issues affect everyone.
2. Prepare your incident response team now. Practice is key. If the chief decision makers have never met before a data breach occurs, the response may not be executed with the highest degree of confidence.
3. Save money by learning how to “speak” insurance. Understanding the intricacies of insurance can mean money in your pocket in the event of disaster. Learning what the insurance companies require and getting the proper coverage will save both time and money.
4. Remain calm. Measure your response. Shutting down operations is often drastic and unnecessary. Determine what really happened before making any decisions or talking to third parties. You want to ensure that you are the true source of the data leakage before you respond.
5. Be careful when using the term “data breach.” “Data breach” has a very significant legal meaning that requires immediate action and implicates various reporting requirements. Consider using the term “incident” or “event” until the breach is confirmed.
Excerpted from a Spencer Fane LLP article via Lexology. To read the full article, click here.
Each year, the Academy gathers lawyers from more than 20 countries to study United States law and various international business transactions issues such as international arbitration and litigation, intellectual property, cybersecurity, human rights and business, and negotiations. Since 1964, the Academy has gathered over 3,300 lawyers from 121 countries to learn from some of the greatest teachers and practitioners of international law in the United States.
In the workshop, each participant was assigned a corporate leadership role and asked to spot the issues throughout various stages of a cybersecurity crisis.
Below are the top eight takeaways from the workshop:
1. Nobody thinks that this is going to happen to them. It is better to prepare for an event that never happens than to be unprepared when an incident occurs. Cyber issues affect everyone.
2. Prepare your incident response team now. Practice is key. If the chief decision makers have never met before a data breach occurs, the response may not be executed with the highest degree of confidence.
3. Save money by learning how to “speak” insurance. Understanding the intricacies of insurance can mean money in your pocket in the event of disaster. Learning what the insurance companies require and getting the proper coverage will save both time and money.
4. Remain calm. Measure your response. Shutting down operations is often drastic and unnecessary. Determine what really happened before making any decisions or talking to third parties. You want to ensure that you are the true source of the data leakage before you respond.
5. Be careful when using the term “data breach.” “Data breach” has a very significant legal meaning that requires immediate action and implicates various reporting requirements. Consider using the term “incident” or “event” until the breach is confirmed.
Excerpted from a Spencer Fane LLP article via Lexology. To read the full article, click here.
