Information Security News mailing list archives

Here's what that Capital One court decision means for corporate cybersecurity


From: InfoSec News <alerts () infosecnews org>
Date: Fri, 12 Jun 2020 06:57:01 +0000 (UTC)

https://www.cyberscoop.com/capital-one-incident-response-mandiant-decision/

By Jeff Stone
CYBERSCOOP
June 11, 2020

When a judge ruled last month that Capital One must provide outsiders with a third-party incident response report detailing the circumstances around the bank’s massive data breach, the cybersecurity world took notice.

The surprise decision, in effect, determined that Capital One would need to provide the forensic details — warts and all — about the hack to attorneys representing a group of customers suing the bank. It’s the kind of report that, if made public, could highlight technical and procedural failures that made it possible for a single suspect to allegedly collect gigabytes of data about 100 million people from a bank with $28 billion in revenue.

Typically, hacked organizations are able to keep incident response reports private and avoid costly suits by shielding the details under attorney-client privilege. Not under this decision.

U.S. Magistrate Judge John Anderson of the Eastern District of Virginia ruled that Capital One must provide a Mandiant report that’s likely to include “engagement activities, results and recommendations for remediation” in connection to the breach announced in July 2019. Capital One had argued that the report should remain protected under legal doctrine.

[...]
