Archives

This “table-top” crisis response exercise calls on all participants to apply the knowledge they have learned during Cyber Day by responding to a hypothetical attack on a major publicly traded corporation. The exercise will involve challenges based on partial information, press relations, legal exposure, stock price response, governmental inquiries, and threats of litigation.

Experts often emphasize the value of an appropriately structured incident response plan, and frequently raise questions about appropriate reporting structures within IT organizations. This session reviews the elements of incident response plans, and explores the debate about reporting relationships.

This session reviews the legal liabilities of corporations, their boards, and senior executives for the prevention and response to intrusions. The discussion covers private, state, and federal enforcement actions, an analysis of whether and how corporations should cooperate with various federal agencies, and an introduction to the emerging and rapidly evolving cyber-insurance market.

This session reviews state-of-the-art techniques employed by hackers to infiltrate corporate systems. The presentation explains how the intrusions operate and the various forms of damage caused by the intrusions. The session will also review defensive technology designed to prevent or respond to intrusions, including a discussion on case studies of responses.