A Ransomware Attack in Action: When Cyber Extortion Strikes

On June 28, 2023, Winston & Strawn Partner Jonathan Birenbaum, along with guest speakers Serge Jorgensen of Sylint Group and Bill Siegel of Coveware, hosted a CLE program discussing a ransomware case study and best practices for a ransomware incident response. The engaging program covered the ransomware attack process step-by-step, from the first notification of an attack through the investigation, response, recovery, and aftermath.

During the program, our speakers discussed how to handle the highly complex challenges of responding to an attack, including organizing an incident response, maintaining privilege, engaging with the attackers, assessing whether (and how) to pay the ransom, and navigating notification requirements and potential litigation issues. The program concluded with our panelists’ top “lessons learned” and their recommendations on how to become better prepared to respond to these incidents in this new age of ransomware, extortion, and supply chain attacks.

The panelists’ key takeaways included:

• Having the right team in place (internal personnel, lawyers, and cybersecurity response experts) and ready to respond before an incident occurs is critical–timing and expertise are crucial.
• In M&A deals, treat cybersecurity diligence with the respect it deserves and consider bringing down the diligence just prior to closing.
• The highest levels of company leadership and the board of directors need to be aware of cybersecurity risks and understand their company information security posture to address any gaps in security.

The program was held live in Winston & Strawn’s New York office and virtually over Zoom and provided 1 hour of CLE credit in California, Illinois, New Jersey, New York, Pennsylvania, and Texas. As an added benefit, the credit was eligible to be applied to New York’s new cybersecurity CLE credit requirement. Information on the new CLE requirement can be found here.

To learn more about our ransomware program or our speakers, or to request a recording of the program, please contact Caroline Melia.