Incident Response and Law

Post author By Andrew Cormack
Post date 15 October 2020
No Comments on Incident Response and Law

On and off, I’ve been researching the legal aspects of incident detection and response for fifteen years, and published more than 25000 words in law journals. So, can that be summarised in less than five minutes? You judge…

And if you’d like to read more, here are the original papers:

Processing Data to Protect Data: resolving the breach detection paradox (SCRIPTed, 2020)
Can CSIRTs Lawfully Scan for Vulnerabilities (SCRIPTed, 2014)
Incident Response: Protecting Individual Rights Under the GDPR (SCRIPTed, 2016)

Here are the slides, and the script.

Tags Computer Misuse Act, Data Protection Regulation, Incident Response

By Andrew Cormack

I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!

View Archive

By Andrew Cormack

Leave a Reply Cancel reply