Incident Response as a Lawyers' Service

Add to your list(s) Download to your calendar using vCal

• Daniel Woods, University of Innsbruck, Austria
• Tuesday 25 January 2022, 14:00-15:00
• Webinar - link on talks.cam page after 12 noon Tuesday.

If you have a question about this talk, please contact Kieron Ivy Turk.

This talk describes an increasingly popular model of cyber incident response in which external law firms run the show. This involves operating a 24/7 hotline in order to act as the victim firm’s first point of contact, the law firm selecting and hiring external consultants like the forensics investigator and public relations advisor, and telling those investigators how findings should be documented and shared. At least 4,000 incidents were responded to under this model in 2018. I will present empirical evidence about how cyber insurance popularised this way of responding to incidents. I then describe preliminary findings on the downstream impacts like the efficiency of investigations, the extent of post-breach remediation, information sharing, and work culture in industry. The talk is based on the paper: “Incident Response as a Lawyers’ Service” in IEEE Security & Privacy with doi: 10.1109/MSEC.2021.3096742

This talk is part of the Computer Laboratory Security Seminar series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• Webinar - link on talks.cam page after 12 noon Tuesday
• bld31

Note that ex-directory lists are not shown.