Jackson, Miss. (January 9, 2024) - Jackson, Mississippi Partner and Chair of Lewis Brisbois' Data Privacy & Cybersecurity Practice Robert F. Walker, CIPP/US, recently joined an episode of the SafeHouse Initiative – a podcast series that provides education for businesses on business continuity and cybersecurity. During the episode, titled "You've Been Breached! Now What?" Mr. Walker discussed strategies for handling a cyber incident, including how to mitigate the short and long-term impacts of the event.
During the podcast, Mr. Walker first explains what a ransomware incident is and describes that a privacy lawyer's role is to "quarterback the whole incident response." He explains, "Our role as privacy counsel is to get engaged in the very beginning, create that attorney-client privilege over the investigation, to kind of lead the charge there, and then to help bring in resources. . . ." According to Mr. Walker, these resources include forensic vendors who help contain the environment, restore a business' systems, determine how the threat actor penetrated the environment, and identify the damage they caused.
Next, Mr. Walker discusses the various phases of an incident response, noting that he recommends immediately notifying the FBI because it has "a wealth of information" about threat actors and "often can provide some assistance and support." Mr. Walker goes on to explain how privacy counsel analyzes forensic data and serves as counselors to their clients, advising them on issues such as the individuals, business partners, and regulators that they may need to notify as part of the incident response.
Moreover, Mr. Walker briefly describes three strategies that businesses may employ so that they are prepared for a cyber incident: (1) having an incident response plan in place that includes hypotheticals, assignment of responsibilities, plans to engage the insurance carrier, and an understanding of communication/notification obligations; (2) maintaining offsite back-ups that are tested on a regular basis and having an understanding of how long it will take to restore from the back-ups; (3) instituting preventative measures, such as multi-factor authentication systems. Mr. Walker closed his remarks on the podcast with a message to businesses that may have suffered a cyber incident. He stated, "You are not alone . . . . Understand there are resources out there. There are professionals who deal with these things on a daily basis, and you're going to get through it. You're going to recover."
Mr. Walker is a chair of Lewis Brisbois' Data Privacy & Cybersecurity Practice. He dedicates his practice to helping clients respond to security incidents, comply with numerous data privacy and security requirements, and assert and defend against claims in state and federal litigation.
Listen to the full episode on YouTube here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.