LEG523: OnDemand

Provided by

Enquire about this course

What You Will Learn
  • New: Supply chain terms and conditions
  • New: The rising influence of EU's General Data Protection Regulation (GDPR) in interpretation of cybersecurty law in the US and around the world
  • New: Understanding cyber insurance for a ransomware event
  • New: Facing a cyber crisis? File a lawsuit in the courts of another country.
  • New: Responding when law of foreign country appears to require you to retain sensitive data connected with a "cyber attack"
  • New: Adopt peer review of cybersecurity program to better evidence legal compliance
  • New: Video demonstration of how technical expert witness can handle adversarial cross-examination in a live online court hearing
  • New: Creative insertion of terms, comments, and conditions in blockchain to influence commercial relationships such as contracts for technology services
  • New: How to make better legal records of digital assets (such as non-fungible tokens) and trading platforms
  • New: How to deal with unwelcome visitors who mistakenly think they have legal right to scan or probe your infrastructure
New law on privacy, e-discovery, and data security is creating an urgent need for professionals who can bridge the gap between the legal department and the cybersecurity team. SANS LEG523 provides this unique professional training, including skills in the analysis and use of contracts, policies, and insurance security questionnaires.

This course covers the law of crime, policy, contracts, liability, compliance, cybersecurity, and active defense - all with a focus on electronically stored and transmitted records. It also teaches investigators how to prepare credible, defensible reports, whether for cyber crimes, forensics, incident response, human resource issues, or other investigations.

"It's an excellent course outlining the emerging legal and security issues to be considered." - Nuran Bekiroska, UPS

The Global Information Assurance Certification (GLEG) associated with LEG523 demonstrates to employers that you have absorbed the sophisticated content of this course and are ready to put it to use. This coveted GIAC certification distinguishes any professional - whether a cybersecurity specialist, auditor, lawyer, or forensics expert - from the rest of the pack. It also strengthens the credibility of forensics investigators as witnesses in court and can help a forensics consultant win more business. And the value of the certification will only grow in the years to come as law and security issues become even more interconnected.

The course also provides training and continuing education for many compliance programs under information security and privacy mandates such as GLBA, HIPAA, FISMA, GDPR, and PCI-DSS.

Each successive day of this five-day course builds upon lessons from the earlier days in order to comprehensively strengthen your ability to help your public or private sector enterprise cope with illegal hackers, botnets, malware, phishing, unruly vendors, data leakage, industrial spies, rogue or uncooperative employees, or bad publicity connected with cybersecurity. We cover topical stories, such as Home Depot's legal and public statements about payment card breach and lawsuits against QSA security vendor Trustwave filed by cyber insurance companies and credit card issuers (third parties with which Trustwave had no relationship!).

Recent updates to the course address hot topics such as legal tips on confiscating and interrogating mobile devices, the retention of business records connected with cloud computing and social networks like Facebook and Twitter, and analysis, response to the risks and opportunities surrounding open-source intelligence gathering and the arrest and criminal indictment of two Coalfire penetration testers in Iowa.

Over the years this course has adopted an increasingly global perspective. Professionals from outside the United States attend LEG523 because there is no training like it anywhere else in the world. For example, a lawyer from the national tax authority in an African country took the course because electronic filings, evidence, and investigations have become so important to her work. International students help the instructor, U.S. attorney Benjamin Wright, constantly revise the course and include more content that crosses borders.

Recently Mr. Wright taught LEG523 in Singapore to a classroom of students representing numerous countries, diverse organizations and many different professions. The students gave the course high marks because it teaches generic, timeless lessons applicable around the world.

One thing that sets this course apart is its emphasis on ethics. The course teaches practical lessons on ethical performace by cyber defenders and digital investigators.

  • Choose words for better legal results in policies, contracts, and incidents
  • Implement processes that yield defensible policies on security, e-records, and investigations
  • Reduce risk in a world of vague laws on cyber crime and technology compliance
  • Carry out investigations so that they will be judged as ethical and credible
  • Persuade authorities that you and your organization responded responsibly to cybersecurity, privacy, and forensic challenges.
  • Negotiate business transactions in the ever-changing cyber world
  • Work better with other professionals at your organization who make decisions about the law of data security and investigations
  • Exercise better judgment on how to comply with privacy and technology regulations, both in the United States and in other countries
  • Evaluate the role and meaning of contracts for technology, including services, software, and outsourcing
  • Help your organization better explain its conduct to the public and to legal authorities
  • Anticipate cyber law risks before they get out of control
  • Implement practical steps to cope with technology law risk
  • Better explain to executives what your organization should do to comply with information security and privacy law
  • Better evaluate technologies, such as digital archives and signatures, to comply with the law and serve as evidence
  • Make better use of electronic contracting techniques to get the best terms and conditions
  • Exercise critical thinking to understand the practical implications of technology laws and industry standards (such as the Payment Card Industry Data Security Standard).

This course is an intensive legal education experience, supported with extensive written notes and citations. Lawyers from all over the world take the course. It is developed and taught by an experienced lawyer, Benjamin Wright, who is a member of the Texas Bar Association.

American lawyers have applied for and received participatory continuing legal education credit for attending the in-person version of the course. Obtaining such credit depends on the rules of your state or jurisdiction.

Update: In 2017, LEG523 was accredited under the Colorado Bar Association. Some states will grant credit based on reciprocity from another state like Colorado.

Update: In December 2018, LEG523 was accredited by the Missouri Bar Association.

Update: Many lawyers have successfully applied for Continuing Legal Education credit from their licensing authorities for taking LEG523 (Live and OnDemand). In fact, Ben is not aware of a lawyer who has been denied credit. 2022, a California lawyer shared with Ben a letter from the California Bar Association granting 25 hours of credit (maximum permitted in California). This letter can help lawyers in California and elsewhere get credit. Often, one authority will give credit for a course if another authority has given credit. Lawyers outside California have received more than 25 hours of credit for LEG523

If you wish to discuss continuing legal education credit, you are welcome to contact Mr. Wright at ben_wright@compuserve.com (put "SANS" in the subject line).

  • Printed and Electronic Courseware with extensive notes and citations.
  • Form contract to invite outside incident responders - including police, contractors, National Guard, or civil defense agencies from anywhere in the world - to help with a cyber crisis
  • Sample policy templates on topics such as e-record retention, BYOD devices, and the use of company-owned, personal-enabled devices.
  • Sample contract language, such as text for a non-disclosure agreement.
  • MP3 audio files of the complete course lecture.
Interested in the GIAC Law of Data Security and Investigation (GLEG) certification associated with LEG523? Learn more about the benefits here.

LEG523 complements SANS's rigorous Digital Forensics program. The course and the SANS digital forensics curriculum provide professional investigators an unparalleled suite of training resources.


Start date Location / delivery
No fixed date Virtual Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...