#121 - Legal Questions (with Evan Wolff)

Have you ever wanted to get a legal perspective on cybersecurity?  On this episode of CISO Tradecraft, Evan Wolff stops by to discuss terms such as legal disclaimers, negligence, due care, and others.  He also provides important insights on how to structure your cyber policies, respond to regulators/auditors, and partner with general council.  Please enjoy.  Full Transcripts: https://docs.google.com/document/d/1hbqB5GQfQsi0egPVdOtdfYEwLA3-1Jnh Chapters 00:00 Introductions 01:52 The Attorney Client Privilege 04:49 What's the Difference Between a Discovery Order and an Attorney Client Privilege 06:30 CISO Disclaimer 09:23 Security Is a Component of Government Contracts 11:59 What are the Borders Between Information Security and Legal Risk 15:31 Cyber Security - Is there a Standard of Care? 18:11 Do you have a Reasonable Best Effort? 21:27 CMMC 2.0 26:22 Is your Privacy Policy going to expire? 28:30 What is Reasonable Assurance? 33:41 Advice for Partnering with the General Counsel