Online Conference Agenda

The methods of interactivity for this program include attendees being able to ask questions to the panelists online in real-time through a chatroom. Each attendee can see each question and answer that is posted and they have the option to respond to each other, not just the panelists. Panelists can be seen by all attendees and share their desktop to show relevant materials.

Thursday, September 17

11:45-12:15 Registration

12:15-12:30 Welcome and Introductions

  • Brian Ray, Cleveland-Marshall College of Law

12:30-1:30 State Regulatory Developments

This panel will discuss the new wave of state privacy and cybersecurity laws, including the California Consumer Privacy Act, the Ohio Data Protection Act, and the newly energized Illinois Biometric Privacy Act and several others. We’ll examine the challenges these laws pose for organizations and emerging best practices for complying with them.


Frances Floriano Goins, Ulme & Berne LLP
Amy Keller, DiCello Levitt Gutzler LLC
John Landolfi, Vorys, Sater, Seymour & Pease LLP
Brian Ray, Cleveland-Marshall College of Law (lead)
David Shonka, Redgrave LLP 

1:30-2:45 Break

  • Sponsored by Tucker Ellis, LLP

1:45-2:45 Incident Response

This session will discuss developing, implementing and executing incident response policies and procedures before, during and after a security breach, including defensible incident response plans; who should be on the incident response team; breach notification requirements and the important role that cyber risk insurance can play in both preparing for an incident and responding to it.


Robert Hanna, Tucker Ellis LLP 
Damon Hacker, Vestige Digital Investigations
Amanda Martin, McDonald Hopkins LLC
Tom Moran, Lewis Brisbois Bisgaard & Smith LLP
Spence Witten, Lunar Line (lead)

2:45-3:00 Break

  • Sponsored by Lewis Brisbois Bisgaard & Smith, LLP

3:00-4:00 CPO & CISO Roundtable: Integrating Compliance

Developing cybersecurity and privacy policies and procedures to comply with applicable regulations is only the first step in securing your data and preventing a breach. This panel will discuss how organizations of all sizes can develop a cyber risk management approach that will enable them to develop a comprehensive, robust and resilient cybersecurity posture applicable across regulatory regimes.


Robert Eckman, Kent State University (lead)
Kirk Herath, Nationwide Insurance
Aaron Mendelsohn, Ingram Micro
Jess Walpole, Lincoln Electric

4:00-4:15 Break

  • Sponsored by TCDI

4:15-5:15 Cloud Security, Third-Party Partnerships and the Shared Responsibility Model

Cloud adoption is exploding with nearly 1,300 cloud apps in use in an average enterprise. This increased reliance on cloud services for critical business operations brings increased productivity but also potential security and privacy risks that require collaboration and coordination between enterprise and third-party providers. This panel will address the security and legal/compliance issues raised by the increased reliance on cloud services as well as other third-party relationships and how well-structured partnerships can improve security.


Kevin Goodman, Bluebridge
Matthew Neely, Progressive Insurance
Marcus Noel, First Energy
Derek Parks, Marcum LLP
Steven Roesing, ASMGi
Spence Witten, Lunar Line (lead)

Friday, September 18

11:45-12:10 Registration

12:10-12:15 Welcome and Introductions

12:15-1:15 FTC’s Role as National Privacy Enforcer: A Fireside Chat

  • Federal Trade Commissioner Christine Wilson
  • Brian Ray, Cleveland-Marshall College of Law

This discussion will focus on privacy during the COVID-19 pandemic, the FTC's call for comprehensive privacy legislation, and the FTC’s privacy and data security enforcement program.

1:15-1:30 Break

  • Sponsored by Lewis Brisbois Bisgaard & Smith LLP

1:30-2:30 Federal Sector Litigation and Regulatory Investigations

This panel of regulators from several federal agencies, including the FTC and SEC, and experts in federal practice will discuss current trends, recent enforcement actions and best practices for developing effective compliance programs and handling regulatory investigations.


Arsen Ablaev, Securities and Exchange Commission
Ariel Fox Johnson, Common Sense Media
Douglas Meal, Orrick, Herrington & Sutcliffe, LLP
Brian Ray, Cleveland-Marshall College of Law (lead) 
James Trilling, Federal Trade Commission

2:30-2:45 Break

  • Sponsored by TCDI

2:45-3:45 Working with Law Enforcement

Data breaches frequently are the result of criminal activity, and cybercrime has emerged as one of federal law enforcement’s top priorities. This panel will discuss the important role that law enforcement agencies can play as partners in responding to data breaches that result from criminal conduct and the value of establishing a strong relationship with these agencies as part of your cybersecurity program.


Michael Brian, Federal Bureau of Investigation
Tim Opsitnick, TCDI (lead)
Terence Check, Department of Homeland Security
Om Kakani, U.S. Attorney’s Office NDOH
Dean Valore, Valore & Gordillo, LLP

3:45-4:00 Break

  • Sponsored by Tucker Ellis LLP

4:00-5:00 Health Care Sector Deep Dive

Health care organizations store tens of millions of records with highly sensitive and valuable information making them a frequent target for cybercrime. The COVID-19 pandemic raises new challenges in balancing the privacy of health information with the need to combat the pandemic. This session brings together leaders from HHS OCR, major health care organizations and expert advisors to discuss these trends, best practices for addressing them and how those practices translate to other industries.


Peggy Beat, Lewis, Brisbois, Bisgaard and Smith LLP
Joe Dickinson, Smith Anderson LLP
Steven Mitchell, U.S. Department of Health & Human Services
David Schweighoefer, Ulmer & Berne LLP
Jami Vibbert, Arnold & Porter LLP (lead)

  • Share