Heavy reliance on MSPs/MSSPs often widens the attack surface. In this session, we walk through a realistic incident storyboard: a managed SOC flags malicious activity, the provider may also be compromised, and the firm’s primary channels (email/IDP/chat) can’t be trusted. What fails first, where privilege gets jeopardized, and how quickly can you pivot?
The speakers will translate that scenario into a crisis playbook: counsel-directed, privilege-preserving communication patterns; minimum viable out-of-band (OOB) controls (E2EE, role scoping, immutable audit without content exposure); and clear decision rights across IT/Sec/PR/GC/ExCom.
They will cover the tough edge cases—secure communications when an MSP becomes adverse or is under investigation—and how to run joint tabletops (Firm–MSP–Client) that actually build muscle memory: onboarding externals fast, testing unknown-third-party joins, and measuring time-to-pivot OOB.
You’ll leave with practical templates for injects, comms decision trees, and readiness metrics you can reuse—for your organization and with your clients.
Co-led by technical and legal industry leaders, this session prioritizes privilege, defensibility, and operational control—so you can keep working cases even when primary systems and providers are under stress.
Speakers:
- Amy S. Mushahwar, Partner; Chair, Data Privacy, Security, Safety & Risk Management, Lowenstein Sandler LLP
- Matthew B. Welling, Partner, Data Strategy, Security and Privacy, Holland & Knight
- Navroop Mitter, CEO, ArmorText
- Matt Calligan, Director of Growth Markets, ArmorText
Time: 2 p.m. ET
