Heidi Wachs, John Ailes, Nathan Salminen, Sabrina Guenther Frigo
Time: Thursday, Nov 13, 2025: 10:10 AM – 11:10 AM
“Why can’t we just drone strike the ransomware operators in Russia?”
“Can’t you just hack the threat actor’s servers and get our data back?”
“If we don’t know about the fraud, we’re not legally responsible for it, right?”
– Real Stroz Friedberg Client Questions, including one from the CEO of a Fortune 500 company
The presenters will lead an interactive, dynamic, and entertaining incident response tabletop session based on their years of experience and helping clients respond to hundreds of incidents together. They will walk through the details of a typical ransomware attack, while highlighting the legal frameworks and decision points that arise throughout the lifecycle of the investigation. From sanctions risks, to SEC disclosure rules, to that pesky CFAA, participants will be asked to engage at each inject. Participants will gain a deeper appreciation for the multitude of tradeoffs and difficult decisions business, technical, and legal stakeholders must make during an incident while operating within various legal and regulatory frameworks. Together, the presenters and participants will explore the potential ethical and policy positions that could alter or enhance the way incident response is handled in the future.
Heidi Wachs, Managing Director, Aon’s Cyber Solutions
John Ailes, Manager, Digital Forensics & Incident Response. Aon’s Cyber Solutions
Nathan Salminen, Partner, Hogan Lovells
Sabrina Guenther Frigo, Chief Ethics, Compliance & Privacy Officer, TruStage
Reading Materials:
