RedSense, in conjunction with law firm Norton Rose Fullbright, recently held a webinar exploring the potential of Cyber Threat Intelligence (CTI)in common legal and regulatory scenarios. The presentation looked at mitigating cyber risks and reducing legal exposure, ensuring compliance, and more rapidly responding to incidents involving sensitive and possibly exfiltrated data.
Common Use Cases
“It was fascinating how many incredibly valuable and straightforward use cases we uncovered in our discussions leading up to the webinar,” said Andrew Klein, Head of Product at RedSense. “The regulatory ones were most obvious, but there were even more involving defense against claims and insurance.”
Some of the scenarios discussed include:
- Minimizing legal fallout and financial losses via speedy, well informed, data-based investigation and response
- Preventing reputational damage with customers by providing accurate and timely information on breaches and mitigation
- Using cyber threat intel to justify reasonable cybersecurity insurance premiums based on a company’s defense posture
- Validating cybersecurity insurance policy claims with threat intelligence findings
- Using CTI as backing evidence to investigations and litigation to defend against liability claims
- Aiding in the tracing of attacks and establishing threat actor attribution
- Providing an important component in the decision making behind legally and regulatory required breach notifications
Of particular note, Norton Rose Fullbright’s Jim Arnold made it clear that preparation is the key to success with both cybersecurity and cyber legal issues. Whether it be obtaining proper threat intelligence-based protection or integrating your outside legal counsel into your SOC and NOC, these are preparatory steps that need to happen before you suffer a serious cyber incident.
