Presented at
BSidesLV 2019,
Aug. 7, 2019, 3 p.m.
(25 minutes)
There is a lot of swirl (and some crappy documents online) about how to CYA when you're an independent consultant or a third party vendor doing pen testing / red team work for a client.
But what do you really need to know? And where do you draw the line/ walk away from a client? We're going to talk about how you don't end up on the hook for damages or screwed in a lawsuit by getting the paperwork right on the front end.
I'll bring the information (and some docs you can adjust for your needs), and you bring the questions!
Presenters:
-
Suchi Pahi
Suchi is a data privacy and cybersecurity lawyer (@SuchiPahi). She was supposed to be a doctor, but went rogue and wound up in law school arguing about the CFAA. After 4 years of working on some of the most incredible incidents as a cybersecurity lawyer and of helping companies of all sizes set up privacy and security practices, she decided to leave the law firm life so that she could do more tech law things. She currently lives in DC, where she is Director of Privacy and Business Affairs at Rally Health, Inc.
Similar Presentations: