Business Continuity Management / Disaster Recovery , Critical Infrastructure Security , Cybercrime

Sound Off: A Post-Mortem on the Colonial Pipeline Attack

Attorney Lisa Sotto Sounds Off on Incident Response Readiness
Lisa Sotto, partner and chair of global privacy and cybersecurity practice Hunton Andrews Kurth LLP

"Sound Off" is a new video series that explores one topical question, in depth, with information security and privacy leaders.

See Also: Beyond MFA: The Trick to Securing Machine Identities

On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. Sotto, who advised Colonial Pipeline on its ransomware incident, shares best practices for enterprises to improve their incident response plans.

Sotto says that Colonial Pipeline "was able to get on with the difficult, substantive tasks of finding out the root cause, understanding what data and systems were impacted, understanding what might have been compromised and focused on getting systems back up and running by really that very first day." She attributes its efficiency and effectiveness to the fact that "they had all the experts lined up to get going and they were able to jump right in."

In a video interview with Information Security Media Group, Sotto discusses:

  • Lessons learned from the Colonial Pipeline ransomware response;
  • Incident response readiness essentials;
  • Updates on U.S. regulatory movement to support critical infrastructure security.

Named in The National Law Journal's "100 Most Influential Lawyers," Sotto serves on the Hunton Andrews Kurth executive committee. She was voted the world's leading privacy adviser by Computerworld magazine and has earned the highest honor from Chambers and Partners as a "Star" performer for privacy and data security. Recognized as a "leading lawyer" by The Legal 500 U.S., Sotto chairs the Department of Homeland Security's Data Privacy and Integrity Advisory Committee and is the editor and lead author of "Privacy and Data Security Law Deskbook." She has represented the U.S. Chamber of Commerce in Indonesia and has advised the Serbian government on global data protection law. Sotto is co-chair of the International Privacy Law Committee of the New York Bar Association and chair of the New York Privacy Officers' Forum.


About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.