Brad Garnett

Brad Bits: March 4, 2025 (CyberLawCon)

Hello reader,

Welcome to another edition of Brad Bits. I am fresh off CyberLawCon, and I wanted to share my experience with you.

Executive Summary

This was the first edition of what will likely be an annual conference that brings experts together from law and cybersecurity to explore the rapidly evolving landscape of cyberlaw. Chris Krebs was the keynote speaker and addressed the following key points in his keynote as they relate to what's driving cyber risk:

  • Threat Landscape: from geopolitics to cyber regulation. The complex cyber threat landscape, and how prepared our organizations are to respond to a cyber incident, is what keeps us up at night as professionals.

  • Complexity in the Enterprise: no surprise here, and just as organizations are on a digital transformation that is in overdrive due to Gen AI, organizations’ cyber capabilities, technical debt, and business priorities are not aligned.

  • Product Quality: all you have to do is read about the impact of vulnerabilities in the enterprise and how organizations are not prepared for supply chain and third-party risk. This also starts with the Secure Development Lifecycle (SDL) in building great software and great products.

  • Business Priorities: IT and security teams are not properly aligned with the business. For me, this was a theme throughout the conference, along with what we can do as practitioners to thread the needle and collaborate across the organization to ensure priorities are aligned. There was even one panel discussion with general counsel at a major technology company that covered tips on building on those internal personal relationships in the enterprise to drive alignment.

My Key Takeaways

  • Collaboration: Business is about connecting with and adding value. Collaboration across stakeholders to drive alignment, influence decisions, and deliver value is intimately connected. Collaboration and communication were themes on all the panels and how lawyers and practitioners in cybersecurity can work together. Several of the lawyer panelists discussed how they focus on being catalysts for their clients and organizations vs blocking an initiative.

  • Regulatory and Enforcement Insights: From the SEC, DOJ, and CIRCIA, it was great to hear from the legal community on compliance, avoiding regulatory issues, but also some practical tips for responding to regulators.

  • Emerging Tech: Generative AI was the centerpoint for emerging tech. I won't belabor this topic, but the use of Generative AI within the organization and its workforce will present legal challenges.

  • Incident Response: My bread and butter. The topics ranged from attorney-client privilege, to whether to pay the ransom or not, to integrating eDiscovery capabilities for Incident Response. I have observed organizations and even the legal community cross the streams on Cyber Incident Response and eDiscovery. It was great to hear long-time legal vets remind attendees that these are not the same. I will say the debate over whether to complete a DFIR report, or to neither complete a DFIR report nor provide mitigation recommendations, continues no matter what side of the aisle you fall on. As an IR expert, I see both sides. In anticipation of litigation and depending on if a prior relationship existed, I can see why a verbal readout of any findings and recommendations may be required. On the flip side, I've had to testify in court on digital evidence before, and when I am deposed years down the road or required to testify in court, I want a forensic deliverable to refer to.

In Closing

I am grateful I was able to attend CyberLawCon last week to catch up with old colleagues and meet new folks. It's so refreshing to see the larger legal community really embed themselves in cyber and become a conduit to enable the business. Finally, I won't list all of my lawyer friends here, or colleagues I was able to catch up with last week in D.C., but a special shoutout to Eric P and John H for their support and putting on a great conference. Well done! Until next time...

Encore: I am considering a video blog (vlog) to go with my blog posts that would be exclusive for my followers/fans/subscribers. If you are interested, please consider joining my mailing list.

For more information on CyberLawCon, please visit CyberLawCon.com.
