2nd Cybersecurity and Data Privacy Law Conference

Overview

Presented by the Institute for Law and Technology, this conference brings together cybersecurity professionals from the region and around the country to provide advice and guidance to in-house and private practice attorneys on cybersecurity legal issues. Designed for the experienced cybersecurity attorney and those responsible for handling cybersecurity plans and responses, the conference will update attendees with the most current regulations and cybersecurity issues, address developments in the cybersecurity field, and provide techniques for addressing cyber risks and responses.

Conference Co-Chairs

Emily Westridge Black
Haynes and Boone, LLP
Austin, TX

Louis Bladel
EY
Washington, D.C.

Jay Johnson
Jones Day
Dallas, TX

Download the Brochure (pdf)

For more details, download the online brochure.

Tuition

• $340 - Regular Registration Fee
• $280 - ILT/IEL Advisory Board Member
• $280 - IEL Young Energy Professional Member
• $280 - ILT/IEL Supporting or Sustaining Member Employee
• $280 - CAIL Member or Member Employee
• $280 - Government Employee
• $75 - Full Time Student
• $75 - Full Time Professor

Schedule and Faculty

8:45 am

Welcome and Introductory Comments

9:00 am

Threat Analysis: A Review of Attack Vectors and Detection/Mitigation Techniques

Cyber threat actors are increasingly altering their Tactics, Techniques & Procedures (TTP) when conducting cyber-attacks against victim companies.  The attack vectors used can be as simple as a phishing compromise to Advanced Persistent Threat (ATP) malware hidden deep inside memory.  Yet, all is not lost, there are strategies that can be used by corporations to identify and detect these activities and mitigate the impact to a company.

The discussion will present information on:

1. Cyber threat actors and attack techniques;
2. Detection methods to identify cyber threats; and
3. Mitigation strategy to minimize impact from a cyber threat.

• John deCraen, Senior Director, Alvarez & Marsal, Dallas, Texas
• Art Ehuan, Managing Director, Alvarez & Marsal, Washington, D.C.

9:45 am

Third Party Management: Who's Watching Your Vendors?

• Luke Dembosky, Debevoise & Plimpton LLP, Washington, D.C.

10:15 am

Break

10:35 am

Cybersecurity Measures: The Evolution of a Standard

Regulators are increasingly issuing more prescriptive and mandatory cybersecurity standards. Organizations need to understand the applicable standards yet recognize that compliance does not necessarily equate to effective cybersecurity.

• William R. Daugherty, BakerHostetler, Houston, Texas

11:05 am

Autopsy of an Incident Response Plan

This presentation consists of three parts - overview of incident response, simulation, and after-action reporting. Attendees will learn to understand how cybersecurity incidents are viewed from a management perspective and will be encouraged to make quick decisions with limited information. The after-action portion will examine attendees' responses and discuss gaps for which people, process, and technology should have been enhanced to properly mitigate the cybersecurity incident.

• Phuong Nguyen, Manager, Fraud Investigation & Dispute Services, EY, McLean, Virginia

11:50 am

Effective Cyber Insurance and Dispute Review

This session will explore various tools for risk management and offsetting costs attendant to breaches and other cyber events. The panelists will discuss what coverage might be needed and how to secure insurance coverage under traditional business policies and the cyber insurance policies now available.

• Jeffrey Schermerhorn, Willis Towers Watson, Los Angeles, California
• Leslie Thorne, Haynes and Boone, LLP, Austin, Texas

12:20 pm

Break and Lunch

12:45 pm

Presentation: Lori Fink, Chief Legal Officer, AT&T Advertising & Analytics, Chief Privacy Officer, AT&T, New York, New York

1:30 pm

Break

1:45 pm

PR's Perspective: The Sins and Virtues of Cyber and Privacy Incident Response

We have all seen breaches or other InfoSec-related incidents that haven't gone as planned in a very public way. Some organizations have handled it very well, others have not. We expect those who join us will gain some perspective from another side of the incident response team, why it's important to balance the reputational risk with the legal risk - especially when dealing with an incident that has gained public traction, what nuances to look out for when responding to an incident that has migrated into the public domain, and other useful tips.

• Richard Mullinax, Sr. Partner, Executive Vice President, Global Director Energy & Utilities, FleishmanHillard, Dallas, Texas
• Scott Radcliffe, Vice President, Privacy and Cyber Risk Practice Lead, FleishmanHillard, Austin, Texas

2:30 pm

Forensic Investigations: A Look Under the Hood

In today's digital age petabytes of data are created yearly. Fortunately for investigators, digital artifacts are recorded for almost every action. This session will provide in-depth insight into some of the procedures and digital artifacts a forensic analyst would examine as part of a forensic investigation.

• David L. Best Jr., Senior Director, FTI Consulting, Inc., Philadelphia, Pennsylvania

3:15 pm

Break

3:30 pm

Tabletop Exercise: A Breach…Now What?

The panel will engage the audience in a “mock” incident response exercise involving a hypothetical company, soliciting real-time feedback from the audience on appropriate next steps as the investigation develops. The presentation on whole will touch on best practices, preservation, privilege, PR, and other issues.

• Jay Johnson, Jones Day, Dallas, Texas
• Chad Pinson, Stroz Friedberg, an Aon Company, Dallas, Texas

4:15 pm

To Notify or Not to Notify: A Review of the Nuances of Breach Notification Laws

• Andrea L. D’Ambra, Norton Rose Fulbright US LLP, New York, New York

5:00-6:30 pm

Reception

Friday, April 13

Hot Topics Breakfast Breakouts

8:30 am

SESSION ONE
Insider Risk - A Holistic View

This presentation will take a look at the need to have a broad stakeholder look in preventing and mitigating the insider risk. Many corporations work to solve insider risk with a technical solution, and at times minimize the need to have critical functions play a role into addressing insider risk.

• Michael J. Janosov, Executive Director, EY, Philadelphia, Pennsylvania

SESSION TWO
Threat Simulator

• Paul Alvarez, Senior Manager, EY, McLean, Virginia

SESSION THREE
Effective Cybersecurity for Small Businesses

Everyone should now understand that no business is immune from cyber risk and cybersecurity is important for all businesses. Many are ready to move forward with improving their cybersecurity but do not know where to begin or how to prioritize their resources. This session will provide practical advice for small and midsize businesses to help them obtain effective reasonable cybersecurity.

• Shawn Tuma, Scheef & Stone, L.L.P., Frisco, Texas

9:15 am

Break

9:30 am

Gloves Off Discovery Fight (Ethics)

Attorneys regularly bring up attorney-client privilege when explaining their role in cybersecurity and incident response, but what does the privilege really do and how valuable is it?

In this session two veteran cyber litigators will square off in real-life discovery scenarios to frame the issues and explain the law and arguments to let you be the judge of questions like (1) how to protect the privilege, (2) when to invoke it, (3) how much to rely on it, and (4) does it matter whether you are in federal court, state court, or before regulators like the state AGs or the FTC, OCR, or SEC?

• Jay Johnson, Jones Day, Dallas, Texas
• Shawn Tuma, Scheef & Stone, L.L.P., Frisco, Texas

10:15 am

Responding to Regulatory Inquiries

Unfortunately as recent history has proven, it is not a case of "if" a cyber-security breach occurs, but rather a case of "when". When a breach is discovered, it is essential to act comprehensively and quickly, or expose your business to greater liability. This session will provide guidance on responding to regulators in an effective manner to limit business risk when incidents occur.

• Monté L. Williams, Steptoe & Johnson PLLC, Morgantown, West Virginia

11:00 am

Break

11:15 am

Post-Mortem Incident Response Assessment: Incorporating Lessons Learned

One of the most important parts of any incident response is the post-mortem.  Handled correctly (and without unnecessary finger-pointing), post-mortems allow organizations to identify and incorporate lessons learned from the incident.  This panel will discuss how to conduct an effective post-mortem, including how to strengthen your security posture and improve your response to the next incident.

Moderator: Emily Westridge Black, Haynes and Boone, LLP, Austin, Texas

Panelists:

• Parrish Gunnels, Chief Information Security Officer, Kibo Commerce, Dallas, Texas
• Blake M. Jones, General Counsel & Chief Compliance Officer, Hayman Capital Management, L.P., Dallas, Texas
• Trent Teyema, Chief of Cyber Readiness and Cyber Division COO, Section Chief - Cyber Division, Federal Bureau of Investigation, Washington, D.C.

12:15 pm

Adjournment

Credit

MCLE Credit

CPE Credit

This course is also approved for 9.75 hours of CPE credit by the International Association of Privacy Professionals for CIPP/US, CIPM and CIPT certifications.

Overnight Accommodations

Dallas/Plano Marriott at Legacy Town Center
7121 Bishop Road
Plano, TX  75024 

• $199+/night
  Nights of 4/11, 4/12, 4/13
  Cutoff 3/21/18

You may contact Marriott Reservations directly at 1.800.228.9290 and mention "IEL Cybersecurity" to receive your group rate or

BOOK HOTEL ONLINE

Sponsorship Opportunities

Headline Sponsorship (Exclusive) - $5000 - SOLD OUT

• Recognition in the Conference brochure, which will be mailed and/or emailed to several thousand interested counsel and business leaders and will reach many thousands more through email and web announcements
• Company/firm logo prominently displayed in the Conference brochure and final program
• Recognition on the Conference website and e-marketing communications.
• 4 free registrations (all events)
• Opportunity to loop a short video during the two morning breaks and one afternoon break.
• Signage recognition throughout the conference.
• 1 exhibition table for promotional materials
• Name/logo on the conference website with link to company page

Hot Topics Breakout Breakfast Sponsorship - $3000 as exclusive sponsor or $2000 as general sponsor (up to two sponsors max) - SOLD OUT

• Recognition in the Conference brochure, which will be mailed and/or emailed to several thousand interested counsel and business leaders and will reach many thousands more through email and web announcements
• Company/firm logo prominently displayed in the Conference brochure and final program
• Recognition on the Conference website and e-marketing communications.
• 3 free registrations with exclusive, 1 with general sponsorship
• Signage recognition at all 2 breakfasts for exclusive or at the chosen breakfast.
• 1 exhibition table for promotional materials
• Name/logo on the conference website with link to company page

Conference Luncheon April 12- $4000 as exclusive sponsor or $2000 as general sponsor (up to three sponsors max)

• Recognition in the Conference brochure, which will be mailed and/or emailed to several thousand interested counsel and business leaders
• Recognition as a sponsor of the Luncheon on the conference website, in the conference brochure, in e-marketing and at the conference
• Signage recognition at the Luncheon
• 3 free Conference registrations with Exclusive/ 1 with general sponsorship
• 2 complimentary guests at the Luncheon for Exclusive, 1 for general sponsorship
• 1 exhibition table for promotional materials
• Name/logo on the conference website with link to company page

Lanyard Sponsorship - $3500 exclusive sponsor

• Company/Firm Name on one side of the lanyard
• Recognition as Lanyard sponsor on the conference website, in the conference brochure, in e-marketing and at the conference
• 3 free Conference registrations
• 1 exhibition table for promotional materials
• Name/logo on the conference website with link to company page

Conference Reception - $2000 general sponsor (up to five sponsors max)

• Recognition as a sponsor of the Reception on the conference website, in the conference brochure, in e-marketing and at the conference
• 1 free Conference registration
• 2 complimentary guests at the Welcome Reception
• Space for promotional materials
• Name/logo on the conference website with link to company page

Full Page Ad on Folder - $3000 exclusive sponsor

• Single page company/firm advertisement appearing through the back of the conference material folder that will be distributed to all registrants
• Recognition in the Conference brochure, which will be mailed and/or emailed to several thousand interested counsel and business leaders and will reach many thousands more through web announcements.
• Company/firm logo prominently displayed in the Conference brochure and final program.
• Recognition on the conference website
• 3 complimentary registrants at the conference
• An opportunity to display company/firm materials at the conference
• Name/logo on the conference website with link to company page

Security Breach Stress Kit Items

Stressball Sponsor - $1,500 exclusive sponsor

• Recognition as conference general sponsor on the conference website, in the conference brochure, in e-marketing and at the conference
• 1 free Conference registration
• Space for promotional materials
• Name/logo on the conference website with link to company page

Travel Coffee Mug Sponsor - $2,000 exclusive sponsor

• Recognition as conference general sponsor on the conference website, in the conference brochure, in e-marketing and at the conference
• 1 free Conference registration
• Space for promotional materials
• Name/logo on the conference website with link to company page

Good Night Sleep Eye Mask Sponsor - $1,500 exclusive sponsor

• Recognition as conference general sponsor on the conference website, in the conference brochure, in e-marketing and at the conference
• 1 free Conference registration
• Space for promotional materials
• Name/logo on the conference website with link to company page

Other Information

Press Policy

This conference is held under the Chatham House Rule. Participants, including journalists, are free to use any information received, but comments may not be attributed to any speaker identified by name or affiliation.

Nondiscriminatory Policy

The Center for American and International Law does not discriminate on the basis of race, color, sex, religion, national origin, age, disability, veteran status or any other protected status in educational activities, scholarship programs or admissions.

Privacy Policy

We do not sell or rent information to any outside parties. By providing your information, you will receive postal and electronic communications from the Institute for Law and Technology (ILT) of The Center for American and International Law (CAIL) in accordance with CAIL's Privacy Policy. If we co-sponsor a program with another organization, information may be shared between the parties. All such co-sponsors will be identified on the event details and registration page. At any point, you can opt-out or unsubscribe by selecting either link at the bottom of each email or call us at 972.244.3400.