AUSCERT Cyber Security Conference | 19-22 May 2026
Incident Response: What Security Teams Need to Know
When a cyber incident occurs, the first 24-72 hours determine both the legal exposure and the quality of recovery.
Presented by Principal Lawyer Matthew Pokarier, this session will distil what security teams must get right (fast) and provides practical guidance on actions that can be implemented immediately.
The session will cover the triggers and sequencing of legal obligations from discovery to containment, clarify when and how to notify affected parties and regulators, outline the mechanics of preserving evidence and explain how to structure workstreams to maximise legal professional privilege (and avoid pitfalls).
Matthew will also cover the evolving rules of engagement on ransom-related risks, including sanctions, terrorism financing, and AML exposure, and Australia’s mandatory ransomware payment reporting regime and show how these elements interact with disclosure expectations from regulators and boards.
Delegates will leave with an incident checklist, an awareness of legal privilege and board ready talking points.
For more information and to register, please visit: https://conference.auscert.org.au/