The final phase of an organization’s cyber incident response is one of the most critical but often overlooked parts of its Incident Response Plan—the lessons learned meeting. This phase involves gathering the Incident Response Team together to discuss the good, the bad, and maybe even the ugly—all to identify potential areas for improvement with the goal of developing a better and more efficient response process in the future. In this episode of LEGALnotes®, Harter Secrest & Emery’s Dan Altieri, USI’s Mana Patel, and Avalon Cyber’s Kyle Cavalieri discuss the importance of holding these lessons learned debriefs after a cyber incident.