In this episode of CISO Tradecraft, host G Mark Hardy interviews cybersecurity lawyer Thomas Ritter. They discuss key legal topics for CISOs, including regulatory compliance, managing third-party risk, responding to data breaches, and recent legislative impacts. Thomas shares his journey into cybersecurity law and provides practical advice and real-world examples. Key points include the challenges of keeping up with evolving regulations, the intricacies of vendor management, and the implications of recent Supreme Court rulings. They also touch on major breaches like SolarWinds and Colonial Pipeline, exploring lessons learned and the importance of implementing essential security controls.

Thomas Ritter - https://www.linkedin.com/in/thomas-ritter-2b91014a/ Transcripts: https://docs.google.com/document/d/1EvZ_dOpFOLCSSv5ffqxCoMnLZDOnUv_K

Chapters

• 00:00 Introduction to CISO Tradecraft
• 00:48 Meet Thomas Ritter: Cybersecurity Lawyer
• 03:48 Legal Challenges for CISOs
• 04:54 Managing Third-Party Risks
• 13:01 Understanding Legal and Statutory Obligations
• 15:57 Supreme Court Rulings and Cybersecurity
• 32:57 Lessons from High-Profile Cyber Attacks
• 38:32 Ransomware Epidemic and Law Enforcement
• 43:30 Conclusion and Contact Information