Following a data breach, it is the responsibility of the general counsel and in-house legal department to quickly assess the situation and immediately provide a coherent and thoughtful initial report to the CEO. The following nine steps should be able to help prepare an effective briefing in about 30 minutes and get through a computer intrusion smoothly.

  1. Debrief
  2. Call outside cybersecurity counsel
  3. Direct IT staff to freeze all internal audit trails – including vendor traffic
  4. Convene a meeting of the Incident Response Team within one hour
  5. Advise CFO
  6. Decide whether to contact law enforcement or not
  7. Check insurance coverage
  8. Start calculating your intrusion cost tab
  9. Contact CEO

Click here to read the issued Client Alert, which will take a deeper dive into the process of these steps.