Training: 8–9 November 2016
Tutorials & Conference: 9–11 November 2016
Amsterdam, NL

Building a cross-functional incident response team

Jennifer Martin (Covington & Burling)
15:50–16:30 Friday, 11 November, 2016
The human element
Location: G102 Level: Beginner
Average rating: *****
(5.00, 2 ratings)

Prerequisite knowledge

  • Experience or interest in responding to cybersecurity incidents

What you'll learn

  • Understand how to avoid organizational chaos and missteps during crisis management by building an incident response program based on trusted relationships and clearly defined roles across the organization


The single most important element to successful cybersecurity incident response is developing a holistic, cross-functional incident response process. Effective coordination and communication requires a clear understanding of departmental priorities, roles, and responsibilities during the incident response life-cycle. Building trust and educating stakeholders on key principles, obligations, and risks must be done as part of the pre-incident planning process. Jennifer Martin shares a framework for commencing that conversation to mitigate against internal confusion and strife during a crisis.

Topics include:

  • The incident response process overview (a NIST-based approach)
  • Building an organization-wide incident response program
  • Priorities and obligations of key stakeholders, including CISO/information security, legal, PR/communications, and the impacted business unit
  • Response management and operations
  • How to avoid conflicts: Escalation processes for key decisions
  • Tips, tricks, and lessons learned
Photo of Jennifer Martin

Jennifer Martin

Covington & Burling

Jennifer Martin has worked at the intersection of law and cybersecurity for the past 15 years. Her expertise in this area has been uniquely honed through her experience managing cyber risks and responding to threats from a variety of perspectives: as the director of cyber incident response and operations and as lead in-house internal investigations counsel at Symantec; as a managing director of a top cybersecurity and forensics consulting firm; and as a federal and local cybercrime prosecutor and policy maker. As both in-house counsel and a private consultant, Jennifer has managed and advised a number of organizations on cyber-risk mitigation and information management and has personally developed the people, processes, and holistic programs necessary for operational excellence, internal investigations, and crisis management. She has supervised countless cyber incident response matters, including data breaches, insider thefts of trade secrets, and intrusions, from initial detection through containment, notification, recovery and remediation. She is recognized for her skill in building effective cross-functional teams comprised of critical stakeholders—impacted business units, and legal, technical, and communications departments. In addition, she has advised executive leadership on programmatic strategies for mitigating cyber risk and on evolving legal, regulatory, and ethical expectations and requirements.

Jennifer’s work as an early federal cybercrime prosecutor, including litigating a high-profile Economic Espionage Act case against foreign software engineers, and as a policy maker within the US Department of Justice’s Computer Crime & Intellectual Property Section, provides her with historical insight into the evolving threat landscape and the consequent law enforcement and regulatory responses. Through her work negotiating the Council of Europe Convention on Cyber Crime, with the European Union, the Organization of American States, the Organization for Economic Co-operation and Development (OECD), and bilaterally with other countries on the multinational aspects of cybercrime and privacy, she has gained significant knowledge about the difficult jurisdictional and cultural issues associated with technological innovation. Jennifer is a frequent lecturer and panelist on cybersecurity regulation and corporate governance, incident response, online fraud and abuse, economic espionage, digital forensics, and electronic discovery in a variety of legal forums, including the San Francisco Bar Association, the American Bar Association, the East-West Institute, the New York State Bar, the New York City Bar, LegalTech, the Practicing Law Institute, and law firm and industry CLE programs.