EPISODE · Mar 10, 2026 · 1H 29M
Incident Response: EU vs. US Policy Gaps
from Full Metal Packet
Alejandro Rivas Vazquez has spent nearly two decades running DFIR services and now advises on preparedness through his boutique consultancy, VeraBeam. He’s sat in boardrooms, testified as an expert witness, and been on the phone at 1am when OFAC changed the rules mid-ransomware negotiation.In this episode, Alejandro breaks down why the EU and US approach cyber incidents from fundamentally different starting points, and what happens when those worlds collide inside a real investigation.He explains:Why lawyers belong in the room (and exactly when they don't)How the EU's hyper-regulation actively hinders incident responseWhy business email compromise costs more than ransomware — and gets less attentionWhat preparation actually means before an incident hitsHow DFIR is professionalizing, and where AI fits into its futureTimestamps(00:00) Alejandro's path from Big Four IT risk to DFIR(07:45) How Operation Night Dragon changed the industry(16:20) Boardrooms, expert witnesses, and CISO liability(25:35) EU vs. US: regulation-first vs national security-first(32:15) When Europe's privacy laws block your own investigation(41:48) CISO personal liability: insurance, risk acceptance, and burnout(54:18) War story: business email compromise and the board member who went rogue(01:01:45) The single decision that separates contained from catastrophic(01:09:26) Midnight OFAC call during an active ransomware response(01:14:00) Why DFIR merged and where the profession is heading(01:20:09) AI as force multiplier: threat, opportunity, and the hallucination danger zone(01:33:53) Practical advice: what EU and North American CISOs should do this quarterConnect with Alejandro on LinkedInPowered by Control D
NOW PLAYING
Incident Response: EU vs. US Policy Gaps
No transcript for this episode yet
Similar Episodes
May 7, 2026 ·86m
Apr 29, 2026 ·111m
Apr 20, 2026 ·57m
Apr 18, 2026 ·89m
Apr 13, 2026 ·59m
Apr 9, 2026 ·82m