As soon as a company has identified an incident, things suddenly start to move fast and the situation can spiral out of control. Questions need to be answered. Is it a breach? What is the next step? Mishandling that first 72 hours after an incident is detected may have significant ramifications for the company’s bottom line. At the recent IAPP Practical Privacy Series conference, Seth Harrington, a partner at Ropes & Gray, and Brian Lapidus, Kroll’s managing director of identity theft and breach notification, covered the most important actions to take and the mistakes that could be made during this crucial time period. See also “How to Avoid Common Mistakes and Manage the First 48 Hours Post-Breach” (Jun. 22, 2016).