Threat-actor tactics, goals and strategies are continually transforming, and so are regulatory expectations. Legal requirements for corporate cybersecurity programs are also becoming increasingly prescriptive. When it comes to incident response, significant attention and resources are devoted to best practices that are necessary before and during an incident. However, mistakes in the aftermath are often overlooked: What should you do after your organization has a cybersecurity incident? Data, Privacy & Cybersecurity partner Jud Welle, and Associates Alex Intile and Victoria Volpe explain more in Law360, which they co-authored with FTI consulting Inc.'s Kyung Kim.