#191 - From Breach to Bench (with Thomas Ritter)

In this episode of CISO Tradecraft, host G Mark Hardy continues an in-depth discussion with cybersecurity attorney Thomas Ritter on the legal considerations for cybersecurity leaders. The episode touches on essential topics such as immediate legal steps after a data breach, the importance of using correct terminology, understanding attorney-client privilege and discovery, GDPR's impact, data localization, and proactive measures CISOs should take. The conversation also explores the implications of evolving cybersecurity laws and regulations like the Digital Operations Resilience Act and the potential criminal liabilities for CISOs. Thomas Ritter: https://www.linkedin.com/in/thomas-ritter-2b91014a/ Transcripts: https://docs.google.com/document/d/15xQINUOdziGdcEFfh5SN8lS7svtK0JCT   Chapters 00:00 Introduction and Recap of Part 1 01:43 Starting the Discussion: Data Breaches 02:22 Legal Steps After a Data Breach 07:19 Understanding Attorney-Client Privilege 08:21 Discovery in Legal Cases 13:31 Staying Updated on Cybersecurity Laws 19:38 Impact of GDPR on Cybersecurity 32:00 Data Localization Challenges 34:55 Proactive Legal Preparedness 37:23 Final Thoughts and Conclusion