Data breach response workflow and coordination requires careful navigation because, among other things, the legal, public communications, and compliance ramifications of any failure can be devastating and value-destructive for both public and private companies. This panel of top incident response experts will discuss the hottest and most timely issues of IR, including COVID-19. Most importantly, this panel will discuss what to expect in the future, kicking it all off with a roundtable on predictions of the biggest IR issues facing legal and compliance professionals during the next few years, from incident response workflow and the law enforcement/regulatory interface to notification, remediation and cyber-related class actions.
This discussion focuses on the requisite strategic framework for boards of directors to effectively analyze and supervise corporate cybersecurity risks. In the aftermath of a corporate cyber-attack, boards and the C-suite they supervise are subjected to immediate public scrutiny and criticism. This new cyber-reality has essentially removed the distinction between board member and IT executive, with cybersecurity emerging as a key corporate risk area. This panel will also discuss how to approach, improve and manage cybersecurity so that, when the inevitable data security incident occurs, a company’s cyber-hygiene will not only meet, but also impress, the litany of state, federal, and/or sector-based regulators that will suddenly become engaged, as well as the many other parties who may seek reparation and/or recompense.
Business email compromise (BEC) attacks can have significant regulatory implications, can involve important legal responsibilities and liabilities, and are growing exponentially both in scope and in breadth. Because BEC issues are critical to the very survival of a company, lawyers typically oversee and direct investigative workflow, command the investigation and remediation for the C-suite, and share with senior management the ultimate responsibility for key decisions. This panel will cover the latest developments in, and the latest legal techniques, practices and countermeasures for, BEC attacks. Most importantly, this panel will address the most effective methods and processes available for BEC recovery.
One of the most significant, and too often ignored, cybersecurity risks involves the company insider. Leaks, theft, and sabotage by employees (and former employees) have become a major cybersecurity risk – and pose unique investigatory and response challenges for legal and compliance professionals. This panel discusses how to handle the many challenging issues which can arise when a data security incident involves the negligent or intentional misconduct of a current or former employee. This panel will also include a discussion of one of the more infamous insider threat investigations, the thrilling, true-life account of the FBI’s hunt for the ingenious traitor Brian Regan. Before Edward Snowden’s infamous data breach, the largest theft of government secrets was committed by Regan, whose intricate espionage scheme and complex system of coded messages were made even more baffling by his dyslexia. Regan, who came to be known as The Spy Who Couldn’t Spell, was captured because of the extraordinary efforts of Bret Padres (then Air Force OSI) and Gary Walker (then Air Force OSI), as described in a book by Yudhijit Bhattacharjee – all of whom will be on this panel.
This panel will focus on the national security implications of cyber-attacks. For legal and compliance professionals, understanding the national security dynamic of cyber-threats is critical to adequately representing the interests of corporate clients – especially in the context of regulatory compliance, insurance claims, and privacy protections. This panel will include a look at which foreign entities are hacking into American systems, and how they are doing it. Other questions include: What sort of impact does foreign complicity in a data breach have upon a successful strategic incident response? If foreign countries are tampering with elections, should boards be concerned that they’re also tampering with supply chains?
Moderated by Ken C. Joseph (Duff & Phelps)
Ransomware attacks can have significant regulatory implications, can involve important legal responsibilities and liabilities, and are growing exponentially. Because ransomware response is critical to the very survival of a company, lawyers typically oversee and direct investigative workflow, command the investigation and remediation for the C-suite, and share with senior management the ultimate responsibility for key decisions. In the context of ransomware in particular, because most companies end up paying the ransom, effective legal counsel is essential. This panel will discuss some of the more typical ransomware workflows, such as: working with law enforcement; quarterbacking remediation; managing any possible customer and regulatory notification responsibilities; and leading the battle for any insurance claims. This panel will also address some of the unique and complex issues involved, such as the legal risks of negotiating with, and tendering payment to, the ransomware purveyor.
The CCPA, effective January 1, 2020, creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. The CCPA now takes its place alongside the European Union’s General Data Protection Regulation (GDPR), which has its own legal framework with different scopes, definitions, and requirements. Both statutes will have a tremendous impact on businesses and will permanently change the way customer data is collected, stored, and used. This panel will focus on the most critical items in both blockbuster statutes, framed around how to manage these responsibilities in the context of a data security incident.
Companies have begun taking cybersecurity concerns into account when considering overall enterprise risk management and insurance risk transfer mechanisms, just as they do with other hazards of doing business. Yet there is no standard cyber-insurance policy, and many corporate cyber-insurance policies are bespoke. This discussion focuses on battleground legal issues concerning cyber-insurance (and other types of insurance), including discussions of how to make sure all parties involved are properly covered and reimbursed, and how the latest class action developments impact the conduct of an incident response.
This discussion will focus on the unique regulatory and legal framework surrounding cyber-attacks of financial firms, with a particular focus on managing issues pertaining to the U.S. Securities and Exchange Commission, the Financial Industry Regulatory Authority, and the litany of other federal and state financial law enforcement/regulatory agencies.