In this episode of CISO Tradecraft, host G Mark Hardy continues an in-depth discussion with cybersecurity attorney Thomas Ritter on the legal considerations for cybersecurity leaders. The episode touches on essential topics such as immediate legal steps after a data breach, the importance of using correct terminology, understanding attorney-client privilege and discovery, GDPR's impact, data localization, and proactive measures CISOs should take. The conversation also explores the implications of evolving cybersecurity laws and regulations like the Digital Operations Resilience Act and the potential criminal liabilities for CISOs.

Thomas Ritter: https://www.linkedin.com/in/thomas-ritter-2b91014a/

Transcripts: https://docs.google.com/document/d/15xQINUOdziGdcEFfh5SN8lS7svtK0JCT

Chapters

• 00:00 Introduction and Recap of Part 1
• 01:43 Starting the Discussion: Data Breaches
• 02:22 Legal Steps After a Data Breach
• 07:19 Understanding Attorney-Client Privilege
• 08:21 Discovery in Legal Cases
• 13:31 Staying Updated on Cybersecurity Laws
• 19:38 Impact of GDPR on Cybersecurity
• 32:00 Data Localization Challenges
• 34:55 Proactive Legal Preparedness
• 37:23 Final Thoughts and Conclusion