Two Days of Cyber Agenda
Thursday, march 22
2018 Cybersecurity and Privacy Protection Conference
Welcome and Introductions
Lee Fisher, Dean and Joseph C. Hostetler-BakerHostetler Chair, Cleveland-Marshall College of Law
Brian Ray, Professor and Center for Cybersecurity and Privacy Protection Director, Cleveland-Marshall College of Law
Security as Strategy: Engaging the C-Suite and the Board
Security and privacy are critical strategic issues for any organization that require regular and extensive engagement by the C-Suite and the Board. This panel of experience CISO’s and security practitioners share their experiences and best practices for approaching security from a strategic perspective starting at the top.
James Deiotte, Executive in Residence, CSU’s Monte Ahuja College of Business
Eric Hibbard, Chief Technology Officer, Security & Privacy, Hitachi Vantara
Jamil N. Jaffer, Vice President for Strategy &Business Development at IronNet Cybersecurity
G. Dick Kerr, Vice President and Chief Information Security Officer, Eaton Corporation
Travis LeBlanc, Partner, Boies, Schiller, Flexner
Helen Patton, Chief Information Security Officer, The Ohio State University
Data Breach Litigation and Regulatory Investigations
The business case for taking a strategic approach to security hinges in no small part on the substantial liability an organization may incur as a result of both regulatory investigations and private legal actions, including class actions. These breaches and legal actions have drawn significant media attention, but many of the core legal issues are largely unsettled and the role of the major regulatory agencies is evolving in the Trump era. This panel of veteran litigators and an experienced FTC attorney will review recent legal developments and open issues in data privacy and security litigation and regulatory investigations.
Christopher Dore, Partner-in-Charge Case Development & Investigations, Edelson PC
Frances Floriano Goins, Partner, Co-Chair Cybersecurity & Privacy and Financial Services & Securities Litigation Groups, Ulmer & Berne LLP
Douglas Meal, Co-Lead Privacy and Cybersecurity Practice, Ropes & Gray
Brian Ray, Professor and Center for Cybersecurity and Privacy Protection Director,
Cleveland-Marshall College of Law
James Trilling, Senior Attorney, Federal Trade Commission Division of Privacy and Identity Protection
Kegler, Brown, Hill & Ritter, LPANetworking Break
Keynote Address:Cyber: the Changing Threat Landscape
The rapid pace of change in the technologies organizations use and the threat landscape poses significant problems for the development of cybersecurity policy. This address will examine several recent examples and identify key issues that policymakers at the federal and state level should address.
Hon. Mike Rogers, Former Chair, US House of Representatives Permanent Select Committee on Intelligence (HPSCI) and David M. Abshire Chair, Center for the Study of the Presidency and Congress
11:30 am-12:30 pm
Security as Strategy Deep Dive 1: Financial Services Sector
The financial services sector is among the most heavily targeted—and regulated—in the US and elsewhere. This panel of seasoned regulatory, business and technology experts will examine these challenges and complex legal requirements, including several important new laws; how financial institutions address these challenges from both legal and operational perspectives; and ways to translate those lessons to other sectors.
David Crews, Vice President, Corporate Information Security, KeyBank
David Glockner, Chief Compliance Officer, Citadel LLC
Arlonda Stevens, Vice President, Privacy Office, PNC Bank
Brian Tishuk, Executive Director, Financial Sector Coordinating Council
Thomas Zych, Partner, Chair, Privacy & Cybersecurity Practice, Thompson Hine LLP
Tucker Ellis Networking Lunch
Vendors and Third-Parties: Balancing Business and Security
Most regulatory regimes require specific steps to address third-party security and many impose specific requirements on service providers and vendors themselves. This panel of experienced security advisors and third-party partners will discuss strategies for developing robust security programs that balance business demands with effective and comprehensive security.
Joseph Compton, Principal, Risk Advisory Services, Skoda Minotti
Christopher Dorr, Third-Party Risk Management, Pivot Point
Kevin Goodman, Managing Director, Partner, BlueBridge Networks, LLC
Matt Hallock, National Sales Executive, Expedient
Stephen Jett, Partner, Cybersecurity and Privacy Practice, Ulmer & Berne LLP
Incident Response Tools and Tactics
This session will discuss developing, implementing and executing incident response policies and procedures before, during and after a security breach, including defensible incident response plans; who should be on the incident response team; breach notification requirements and the role of outside counsel and vendors in breach response.
Victoria Beckman, Co-Chair, Privacy & Data Security Practice, Kegler, Brown, Hill & Ritter LPA
Damon Hacker, President, CEO and Founder, Vestige Digital Investigations
Jim Labiszak, Manager, Security Consulting Services, Mandiant
John Landolfi, Chair, Privacy & Data Security Practice, Vorys, Sater, Seymour and Pease LLP
Tim Opsitnick, Executive Vice President & General Counsel, TCDI
Security as Strategy Deep Dive 2: Health Care Sector
Health care organizations store tens of millions of records with highly sensitive and valuable information making them a frequent target for cybercrime, as underscored by a recent HHS Office for Civil Rights report that warned incidents of cyber extortion have risen steadily and will continue to be a major source of disruption in this industry. Our second deep dive brings together leaders from HHS OCR, major health care organizations and expert advisors to the industry to discuss these trends, best practices for addressing them and how those practices translate to other industries facing similar threats.
Deborah Marko Koeberer, Privacy Officer, University Hospitals
Steven Mitchell, Acting Regional Manager, U.S. Department of Health and Human Services, Office for Civil Rights
Ben Osbrach, Leader, Assurance Concepts Practice, Skoda Minotti
Gregory Stein, Counsel, Cleveland Clinic
Closing Remarks and Discussion: Cyber Crime Trends and Developments
Justin Herdman, U.S. Attorney, Northern District of Ohio
Public-Private Cooperation: Working with Law Enforcement and DHS
Data breaches frequently are the result of criminal activity, and cyber-crime has emerged as one of federal law enforcement’s top priorities. Recent federal legislation and policy emphasizes the need for information sharing between law enforcement and the private sector to counter the increasing range and sophistication of criminal attacks. This session will examine the roles the Department of Homeland Security, the FBI, US Secret Service and the US Attorney play in developing a strong public-private partnership to prevent cybercrime and to encourage cooperation between the public and private sectors.
Jonathan Frenkel, Assistant General Counsel, Federal Bureau of Investigation
Matthew Luczak, Cybersecurity Task Force, U.S. Secret Service
Dan Riedl, Assistant U.S. Attorney, National Security and Cyber Unit, Northern District of Ohio
Gabriel Slater, Attorney-Advisor, Cybersecurity, Office of the General Counsel, U.S. Department of Homeland Security
Bryan Smith, Supervisory Special Agent, Cyber Unit, Federal Bureau of Investigation, Cleveland
Steven Stransky, Senior Counsel, Privacy & Cybersecurity Practice, Thompson Hine LLP
Sponsored by Ulmer & Berne
The Conference is presented in partnership with the Northeast Ohio CyberConsortium, the IoT Collaborative and the Laura and Alvin Siegal Lifelong Learning Program at CWRU.