From the interplay of digital forensics in eDiscovery to collecting online data for litigation readiness, the August 2021 edition of the Five Great Reads on Cyber, Data, and Legal Discovery newsletter provides a selection of recent research, reports, and articles to update and inform cybersecurity, information governance, and eDiscovery professionals on cyber, data, and legal discovery.
According to this new Tallinn Paper from the NATO Cooperative Cyber Defence Centre of Excellence, public attribution of state-sponsored offensive cyber operations is complex and has political, technical and legal aspects. States can use attribution as a vehicle to advance their political goals, but there is often a risk involved in making a public attribution. Any response from the attacked party, such as attribution or a hack-back, must be carefully considered before being undertaken due to the political implications that such a response would cause.
Provided for your convenience is a complete transcript of the recent webcast presentation on the topics of ransomware, incident response, and cyber discovery as shared by cyber, information governance, and eDiscovery experts from HaystackID and the EDRM to include Michael Sarlo, Jenny Hamilton, John Brewer, John Wilson, and Mary Mack.
According to CISA Director Jen Easterly, “The JCDC presents an exciting and important opportunity for this agency and our partners – the creation of a unique planning capability to be proactive vice reactive in our collective approach to dealing with the most serious cyber threats to our nation. The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions. With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”
According to paper author, Josh Gold, the US and its Five Eyes partners support legitimizing the development of offensive cyber capabilities and justifying their use within the existing international norms and rules governing the use of force and coercion, such as the UN Charter. The positions of the US, UK, Australia and Canada indicate an explicit interest in the ability to respond strongly to violations of the UN cyber stability framework, to uphold the framework, and build meaningful accountability into it.
According to Chris McCurdy, Vice President and General Manager, IBM Security, “Higher data breach costs are yet another added expense for businesses in the wake of rapid technology shifts during the pandemic. While data breach costs reached a record high over the past year, the report also showed positive signs about the impact of modern security tactics, such as AI, automation and the adoption of a zero trust approach – which may pay off in reducing the cost of these incidents further down the line.”
According to Rotem Iram, Co-Founder and CEO at At-Bay, “We are seeing a shift in commercial insurance with regard to cyber risk, and At-Bay is leading the way. While legacy insurers are pulling back on coverage and raising rates in the face of challenges like ransomware, At-Bay is doubling down with a modern approach to risk management that helps businesses improve their security and avoid loss before it happens.”
According to the recent mixed methods study on how cyber insurance shapes incident response, insurers undoubtedly face incentives to concentrate work among the most efficient firms but may lack the information to do so given insurers do not monitor service quality and must rely on second-hand reports. The study goes on to note that the only thing insurers reliably monitor is cost, which may lead to the commoditization of incident response that rewards cost-cutting above quality.
From considerations for cyber insurance and malware to eDiscovery business confidence and assessments, the July 2021 edition of the Five Great Reads on Cyber, Data, and Legal Discovery newsletter provides a selection of recent research, reports, and articles to update and inform legal, business, and information technology professionals on cybersecurity and eDiscovery.
According to Bret Laughlin, CEO and co-founder of Braintrace, “NDR is critical to successful threat hunting. Braintrace’s competitive differentiation is its unique NDR technology that our MDR analysts leveraged for finding, interrupting and remediating cyberattacks. With our own NDR technology, the team responds faster and more accurately because of the real-time, automated visibility and threat verification they have into encrypted traffic. We built Braintrace’s NDR technology from the ground up for detection and now, with Sophos, it will fit into a complete system to provide cross-product detection and response across a multi-vendor ecosystem.”