Women in Security and Privacy (WISP) would like to invite you to an event where the experts will walk the audience through a hypothetical privacy incident via a dynamic tabletop exercise. The experts will discuss how to prepare for and respond to a privacy incident from the legal and forensic perspectives. The discussion will focus on implementing the actions that need to be taken after a privacy incident occurred. More importantly, the exercise will focus not only on the technical aspects of managing an incident, but also on the key legal and repetitional considerations to which every privacy person should be sensitized.
The tabletop exercise will be build from actual privacy events in the industry. The presentation will begin with the initial identification of a potential incident, followed by the various multi-disciplinary activities involved in the response process from assembly of the incident response team, legal review, the forensic investigation to remediation of the issue and notification to applicable parties. The tabletop will address key incident response activities, such as the strategy for escalating a potential incident to appropriate personnel, how/when the company convenes the incident response team, and how the company develops a plan to contain the incident.
The experts will highlight some of the difficult decisions a company may face upon detection of a privacy incident, such as who should be in the circle of trust early in the response process, whether a forensic investigator is necessary, when and how to “go live” with relevant notifications and disclosures with the possibility of a leak looming, and how to deal with the often conflicting needs to swiftly contain the incident while at the same time preserving evidence for legal purposes. The scenario also will include inquiries from the media, customers and the board, allowing the participants to wrestle with the public and investor relations implications of a cyber-attack. Based on the findings of the investigation, the experts will explain how to analyze the legal issues that would arise if business confidential or personal information were impacted by the attack, followed by a discussion of regulatory and litigation activity that might ensue.
The presentation will include an interactive discussion and will be followed by networking and sharing of best practices, including dinner and beverages provided by Airbnb.
6:00 - 6:30 pm - Airbnb check-in + Dinner (ID Required)
6:30 - 7:30 pm - Introductions and Mock Data Breach Tabletop Exercise
7:30 - 8:00 pm - Interactive Discussion Q&A