How to Work with Law Enforcement After a Breach

T.C. Spencer Pryor on Steps to Take to Minimize Legal Risks

After a data breach, how can organizations cooperate with law enforcement without increasing the likelihood they'll face civil lawsuits? By sticking to the basic facts, says T.C. Spencer Pryor, partner at the law firm Alston & Bird LLP.

See Also: Are You APT-Ready? The Role of Breach and Attack Simulation

"Network diagrams; information related to the network; information related to the company's network security systems - all those things are facts that can be provided to law enforcement," Prior says. "If you provide factual information to law enforcement and you start a dialogue with law enforcement, they can investigate the crime and bring the perpetrators of the crime to justice without [you] waiving the attorney-client privilege or the attorney work-product doctrine."

In a video interview at Information Security Media Group's 2015 Fraud Summit New York, Pryor describes why having legal counsel experienced in this arena can protect organizations "from doing anything that could have an adverse effect on them in future civil litigation." Attorneys also can help craft a solid breach response plan, he notes.

"If I were engaged as a lawyer to review a plan in its infancy, and I made comments to my client saying: 'You have deficiencies in the following areas and best practices are X, Y and Z, and I would recommend that you implement these best practices to get your plan where it needs to be,' that legal advice can be protected by the attorney-client privilege and/or the attorney work-product doctrine if there were future litigation where plaintiff's attorneys or others, [such as] regulators, might try to seek any information related to the formation of your cyber incident response plan," Pryor explains.

Pryor also discusses:

  • How to best begin a dialogue with law enforcement after a breach;
  • Why legal counsel should spearhead company investigations into such issues as potential negligence and fraud; and
  • Why it's important to have outside counsel in place before a data breach occurs.

Before joining Alston & Bird, Pryor was an assistant U.S. attorney and counsel to the Deputy Attorney General. He was a member of Georgia's Judicial Nominating Committee under then Governor Sonny Perdue and currently serves on the board of visitors at the University of Georgia School of Law.


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.