#121 - Legal Questions (with Evan Wolff)

Have you ever wanted to get a legal perspective on cybersecurity?  On this episode of CISO Tradecraft, Evan Wolff stops by to discuss terms such as legal disclaimers, negligence, due care, and others.  He also provides important insights on how to structure your cyber policies, respond to regulators/auditors, and partner with general council.  Please enjoy. 

Full Transcripts: 
https://docs.google.com/document/d/1hbqB5GQfQsi0egPVdOtdfYEwLA3-1Jnh

Chapters

• 00:00 Introductions
• 01:52 The Attorney Client Privilege
• 04:49 What's the Difference Between a Discovery Order and an Attorney Client Privilege
• 06:30 CISO Disclaimer
• 09:23 Security Is a Component of Government Contracts
• 11:59 What are the Borders Between Information Security and Legal Risk
• 15:31 Cyber Security - Is there a Standard of Care?
• 18:11 Do you have a Reasonable Best Effort?
• 21:27 CMMC 2.0
• 26:22 Is your Privacy Policy going to expire?
• 28:30 What is Reasonable Assurance?
• 33:41 Advice for Partnering with the General Counsel