  • Online, Self-Paced
  • Classroom
Course Description
  • New: The arrest and criminal indictment of two Coalfire penetration testers in Iowa
  • New: How to balance the right to data privacy versus the right to data security under GDPR and the new California Consumer Privacy Act
  • New: Invoking attorney-client privilege to maintain confidentiality of security assessments such as penetration tests
  • New: Court decision shows how to improve an official investigation using artificial intelligence
  • Unique and indispensable training for General Data Protection Regulation Officers
  • New: Form contract to invite outside incident responders - including police, contractors, National Guard, or civil defense agencies from anywhere in the world - to help with a cyber crisis.

New law on privacy, e-discovery, and data security is creating an urgent need for professionals who can bridge the gap between the legal department and the cybersecurity team. SANS LEG523 provides this unique professional training, including skills in the analysis and use of contracts, policies, and insurance security questionnaires.

This course covers the law of crime, policy, contracts, liability, compliance, cybersecurity, and active defense - all with a focus on electronically stored and transmitted records. It also teaches investigators how to prepare credible, defensible reports, whether for cyber crimes, forensics, incident response, human resource issues, or other investigations.

The Global Information Assurance Certification (GLEG) associated with LEG523 demonstrates to employers that you have absorbed the sophisticated content of this course and are ready to put it to use. This coveted GIAC certification distinguishes any professional - whether a cybersecurity specialist, auditor, lawyer, or forensics expert - from the rest of the pack. It also strengthens the credibility of forensics investigators as witnesses in court and can help a forensics consultant win more business. And the value of the certification will only grow in the years to come as law and security issues become even more interconnected.

The course also provides training and continuing education for many compliance programs under information security and privacy mandates such as GLBA, HIPAA, FISMA, GDPR, and PCI-DSS.

Each successive day of this five-day course builds upon lessons from the earlier days in order to comprehensively strengthen your ability to help your public or private sector enterprise cope with illegal hackers, botnets, malware, phishing, unruly vendors, data leakage, industrial spies, rogue or uncooperative employees, or bad publicity connected with cybersecurity. We cover topical stories, such as Home Depot's legal and public statements about its payment card breach and the lawsuit by credit card issuers against Target's QSA and security vendor, Trustwave.

Recent updates to the course address hot topics such as legal tips on confiscating and interrogating mobile devices, the retention of business records connected with cloud computing and social networks like Facebook and Twitter, and analysis and response to the risks and opportunities surrounding open-source intelligence gathering.

Over the years this course has adopted an increasingly global perspective. Professionals from outside the United States attend LEG523 because there is no training like it anywhere else in the world. For example, a lawyer from the national tax authority in an African country took the course because electronic filings, evidence, and investigations have become so important to her work. International students help the instructor, U.S. attorney Benjamin Wright, constantly revise the course and include more content that crosses borders.

You Will Learn How To:

  • Choose words for better legal results in policies, contracts, and incidents
  • Implement processes that yield defensible policies on security, e-records, and investigations
  • Reduce risk in a world of vague laws on cyber crime and technology compliance
  • Carry out investigations so that they will be judged as ethical and credible
  • Persuade authorities that you and your organization responded responsibly to cybersecurity, privacy, and forensic challenges.

Learning Objectives

  • Work better with other professionals at your organization who make decisions about the law of data security and investigations
  • Exercise better judgment on how to comply with privacy and technology regulations, both in the United States and in other countries
  • Evaluate the role and meaning of contracts for technology, including services, software, and outsourcing
  • Help your organization better explain its conduct to the public and to legal authorities
  • Anticipate cyber law risks before they get out of control
  • Implement practical steps to cope with technology law risk
  • Better explain to executives what your organization should do to comply with information security and privacy law
  • Better evaluate technologies, such as digital archives and signatures, to comply with the law and serve as evidence
  • Make better use of electronic contracting techniques to get the best terms and conditions
  • Exercise critical thinking to understand the practical implications of technology laws and industry standards (such as the Payment Card Industry Data Security Standard).

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas of the National Cybersecurity Workforce Framework listed below.