You Have Experienced a Ransomware Attack- Now What?

"This program discusses the constantly evolving threat of ransomware and the legal implications associated with such cyber attacks. We will explore the various types of ransomware attacks, threat actor tactics, and the potential resulting legal obligations often faced by impacted companies based upon our significant experience responding to data security incidents. This program also discusses the current regulatory environment related to data breaches and provides some important considerations for complying with all of the various potentially applicable state and federal laws.

 

Kamran Salour is a partner in the Orange County office of Lewis Brisbois and a member of the Data Privacy & Cybersecurity Practice. Kamran (CIPP/US and CIPT) dedicates his practice to helping clients respond to data security incidents of all kinds. For each incident, Kamran seeks to answer three main questions for his clients: (1) how did the incident occur; (2) how can we help reduce the likelihood of the incident re-occurring; and (3) are there any legal notification obligations as a result of the incident? Kamran also helps his clients assert or defend against claims in state and federal litigation resulting from data security incidents.

 

Kamran helps his clients respond to security incidents and data breach investigations involving malware, network intrusion, inadvertent disclosure, and ransomware. He guides his clients through the incident response process, directing forensic investigations, consulting with federal and state agencies, developing post-incident response notification plans, and responding to regulatory investigations. As part of his security incident response work, Kamran provides his clients with advice on proactive data security practices, including designing pre-incident response planning and preparedness, and post-incident remediation plans. Central in his response work, Kamran strives to minimize disruption to his clients, preserve their customer relationships, and reduce the likelihood and consequences of litigation and regulatory investigations.

 

Kamran’s experience also extends to compliance. Utilizing his knowledge of U.S. and international privacy laws, including the EU’s General Data Protection Regulation (GDPR), Illinois’ Biometric Information Privacy Act (BIPA), and the California Consumer Privacy Act (CCPA), Kamran educates clients about a full range of privacy issues and counsels them on complying with emerging and ever changing privacy laws.

 

Armed with decades-plus experience as a litigator, Kamran provides his clients with a unique perspective on data privacy and protection issues. He brings a pragmatic problem-solving approach to his incident response work, an approach that he developed and honed through years of resolving high-stakes litigation disputes on behalf of his clients. Because of his litigation experience, Kamran’s skill set includes understanding and anticipating drafting ambiguities and oversights that spawn litigation, a skill set that he uses to his clients’ benefit when counseling them on compliance.

 

Ryli McDonald is an associate in the Denver office of Lewis Brisbois and a member of the Data Privacy & Cybersecurity Practice. Ryli works closely with clients across various industries to prepare for and respond to data security incidents. Ryli assists organizations in preparing, updating and testing information security programs and incident response plans. When assisting clients in responding to a data security incident, Ryli provides clients with the necessary guidance and tools to mitigate risk and effectively respond to the incident, including coordinating with third-party forensic investigators and preparing crisis communications. Ryli also assesses consumer notification and regulatory reporting obligations pursuant to various state and federal statutes, prepares notification communications, and responds to regulatory investigations. Ryl"