🎧 HSF Podcast: Cross Examining Cyber EP23: Cross Examining Professor Ciaran Martin – Part 2

What makes a great lawyer in a cyber incident response?

This is a key question that I explored during part 2 of our podcast with Professor @Ciaran Martin, a world leading cyber thought leader.

The questions challenged Ciaran but he answered it succinctly as “one do and one don’t”. The best incident leaders loosen control (the “do”), rather than tighten it (the “don't”). A damaging instinct in a crisis (often driven by impractical lawyering) is locking everything down and keeping help out for fear of liability. In practice, faster recovery usually comes from working openly with the broader cyber response community. Most people genuinely want to help.

Here were my other favourite pieces of wisdom shared by Ciaran coming out of the discussion.

1. The “pyramid of liability” has inverted. When something goes wrong, we still reach for the easiest explanation – i.e. “someone clicked the link”. That’s comforting, but it misses the point. Most incidents are really about upstream failures — poor…