The face of data breach investigations is changing as companies weigh business factors outside of the traditional office of information security.
Following a breach, for example, companies are now more likely to make their first call to an outside attorney than to an incident response firm, a trend that legally protects businesses but could make the technical response more difficult, according to ongoing research by a trio of academic researchers. Nearly half of all companies call in lawyers to lead the investigation, relying on their expertise to navigate regulatory requirements, hire outside consultants, and write final reports, the academic experts found.
Insurance firms are also seeing thousands of cyber breaches handled by outside attorneys, rather than an outside technical consultant, says Josephine Wolff, an assistant professor for cybersecurity policy at Tufts University’s Fletcher School of Law and Diplomacy. Wolff is working with two other academic researchers to collect data on how companies respond to data breaches.
“The idea is that a lot of incidents were breaches of personal information, and those resulted in class-action lawsuits … and how do we protect as much of our investigation as possible using attorney-client privilege,” she says. “I don’t know if [companies are] trying to get around rules so much as it is about anticipating litigation and being in as strong a position as possible if there is a lawsuit.”

Read more: https://bit.ly/3JZwbuQ