University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Incident Response as a Lawyers' Service

Incident Response as a Lawyers' Service

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Kieron Ivy Turk.

This talk describes an increasingly popular model of cyber incident response in which external law firms run the show. This involves operating a 24/7 hotline in order to act as the victim firm’s first point of contact, the law firm selecting and hiring external consultants like the forensics investigator and public relations advisor, and telling those investigators how findings should be documented and shared. At least 4,000 incidents were responded to under this model in 2018. I will present empirical evidence about how cyber insurance popularised this way of responding to incidents. I then describe preliminary findings on the downstream impacts like the efficiency of investigations, the extent of post-breach remediation, information sharing, and work culture in industry. The talk is based on the paper: “Incident Response as a Lawyers’ Service” in IEEE Security & Privacy with doi: 10.1109/MSEC.2021.3096742

This talk is part of the Computer Laboratory Security Seminar series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2022 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity