- Breakfast and Registration
7:45 a.m. – 8:15 a.m.
- Introduction and Background
8:15 a.m. – 8:30 a.m.
The program will begin with a basic description of Cybersecurity and its various components, and provide an overview of the dynamic nature of the challenge of protecting information from an increasingly sophisticated and wide array of potential intruders.
- Session I: Protecting your Legal Interests in the Cybersecurity Space
8:30 a.m. – 9:30 a.m.
Corporations of all sizes increasingly contract with vendors and services providers to host and manage their data – from customer contact information to personnel information to medical records – so that they can receive key software-as-a-service or service bureau services. The hosting and processing of data by vendors (and then by the vendors’ subcontractors) creates potential risk, and counsel must carefully review the contracts among the parties to ensure that liability is properly allocated. In this session, we discuss the sources of liability and recent trends in vendor contracts for hosted services, from indemnity clauses to security exhibits.
- Session II: Cybersecurity Risk Management
9:30 a.m. – 10:30 a.m.
This session will discuss current insurance available in the market for data breaches of all types; what's covered; what's not covered; and why companies should consider the purchase of insurance as a tool to mitigate their exposure to a Data breach. The session will also discuss some of the most vexing legal issues surrounding insurance coverage for data breaches.
- Session III: Incident Response Considerations
10:40 a.m. – 11:45 a.m.
Bob Cattanach, Co-Chair of the Firm’s Privacy and Social Media Group, will provide an overview of the legal and practical considerations when responding to an intrusion. While certain sectors such as health information, have unique legal requirements, for the most part breach notification laws are a patchwork quilt of 46 different state notification programs, sometimes with conflicting or contradictory obligations. This portion of the program will focus on the technical, legal, and practical considerations that drive the formulation of an Incident Response Plan, including the identification of appropriate internal and external resources. We will also highlight the tensions and challenges inherent in responding to any data breach, and provide some practical guidelines on how to prepare for what increasingly appears to be the inevitability that an outsider will gain access to your data.
For additional information about this event or on how to register, please contact