Los Angeles Agenda

The 2018 Agenda is coming soon.

A copy of the 2017 agenda is below.

8:30am – 9:00am
Continental Breakfast and Registration

9:00am – 9:30am
Session 1: Polling the Audience

  • What is your data security role at your organization?
  • What are your pain points, biggest issues?
  • What do you want to get out of the seminar?

9:30am – 10:30am
Session 2: Information Sharing, Law Enforcement, and Vulnerability Programs: Pros and Cons

  • Federal legislative landscape and the Cybersecurity Information Sharing Act (CISA)
    • Building information sharing and trust between public and private sectors
    • Corporate views on information sharing
  • Information Sharing and Analysis Centers (ISACs)
  • Law enforcement landscape
    • How, who, and when to contact law enforcement
    • Responding to law enforcement requests for data (including location monitoring data)
    • Encryption backdoor debate
    • United States v. Microsoft and similar Google decisions
  • Vulnerability programs – what are they and when can you white hat hack

10:30am – 10:45am
Coffee Break

10:45am – 11:45am
Session 3: Operating in the Shadows

  • Darknet/TOR
  • Cybercriminals, recent arrests, and the impact on the threat landscape
  • International cooperation
  • Geolocation challenges
  • Anomaly Detection: Breaking the code of Zero Days

11:45am- 12:45pm
Session 4: Fighting the Cyber War: Corporate Governance, People and Process

  • Where are you today? Where do you want/need to be?
  • Extracting Lessons Learned from 2016 Security Incidents
  • Proactive Risk Assessments – Prioritizing Your Security Controls
    • Risk appetite
  • Due Diligence in Deals
    • Yahoo!
  • Creating a Security Culture
  • Are structured to respond?
    • Building a comprehensive response plan
    • Implementation in the trenches
  • Board responsibility for cyber
  • Enforcing best practices for corrective actions
  • Considering Insider Threat
  • Impact of failure
    • Loss of market share and valuation
    • Reputational hit with customers/users

12:45pm – 1:45pm
Networking Luncheon
1:45pm – 2:45pm
Session 5: Avoiding Lightning in the Cloud and Addressing New Threats

  • The Cloud
    • Assessing Data Privacy Considerations in the Cloud
    • Negotiating up front as to Incident Response
    • Data commingling
    • Export Controls and economic sanctions Issues
    • Data Transfer Issues
  • IoT Devices
    • Unique Cybersecurity and Privacy Risks
    • Federal efforts to encourage IoT Security
  • DDoS Attacks
  • Privacy Shield
  • Implementation of the E.U. General Data Protection Regulations in May 2018
    • How it applies to U.S. companies
    • What is Informed Consent under the GDPR?
    • Sanctions and Fines

2:45pm – 3:30pm
Session 6: Data Security and Privacy Litigation

  • Class Actions’ Viability — Injury (Standing)
    • The Spokeo Effect — 2017 appellate decisions, e.g.:
      • Attias v. CareFirst (D.C. Cir.)
      • Katz v. The Donna Karan Co. (2d Cir.)
      • Kuhns v. Scottrade
      • Robins v. Spokeo on remand (9th Cir.)
    • New causes of action and theories of recovery
    • Civil enforcement proceeding by FTC, et al.
    • Am I covered? Insurance coverage and related litigation
      • Engl v. Natural Grocers
      • Equifax

3:30pm – 3:45pm
Networking Break
3:45pm – 4:45pm
Session 7: Ethics in Cybersecurity

  • Threat landscape for law firms
  • Ethical obligations of law firms to protect client data (and understand technology)
  • How are companies (especially in regulated industries) scrutinizing and managing law firms?
  • What do you require of opposing counsel and other third parties when turning over information in discovery?
  • What assurances do we have from the government with sensitive info?
  • Ethical obligations when advising client on how to handle cybersecurity-related legal issues

4:45pm – 5:30pm
Networking Reception

 

 

Agenda is subject to change.