Related Posts
Does anyone know if VPB lost Audi?
Additional Posts in Privacy Law
Any associate privacy roles open in Austin, TX?
Anyone take the CIPM recently? How was it?
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.



The problem with IR work is that it’s all consuming because of the urgency so it’s incredibly hard to balance with other clients when there’s a breach, particularly for a major client.
Also, the insurance companies are psychotic and make the process exponentially more painful with billing guidelines, bargain basement rates, and attempts to force the company to use less expensive (and less good) counsel and technical experts.
IR work injects a ton of stress into your life and the firm potentially makes less doing it. It can be a lose lose, but it’s still hugely important to be able to do because those relationships often turn into long term compliance and governance counseling at normal rates that’s much more stable. So it’s to me at least a necessary evil.
IR work is more project management then actual practice.
Insurance companies suck ass.
Everything is urgent to every client.
Less exit options than advisory work.
If anything, the more fun stuff in IR, to me at least, is what forensics and threat actor negotiators do.
This. I love the crisis management and issue spotting that comes with the triage phase. It’s the box checking that comes after which is the kind of unnecessarily stressful tedium that makes me wonder what that law license is for in the process.
Everything to what C1 notes above, plus the overwhelming volume of work where the bad actors clearly got the gold, even where your clients did everything right.