CYBERSECURITY RISK MANAGEMENT
|
|
- Jane Conley
- 5 years ago
- Views:
Transcription
1 CYBERSECURITY RISK MANAGEMENT
2 RETHINKING PROTECTION Cybersecurity is one of the most challenging risks confronting companies around the world. In today s interconnected world, virtually all companies and their customers are potential targets. With vast experience in cybersecurity matters and a global cybersecurity team, DLA Piper is ideally situated to guide clients in managing this increasingly important risk area. We help clients to implement a 360-degree approach to creating, managing and maintaining a secure cyber-dna in the face of escalating threats and legal requirements, and a shift in the duty of care for companies and directors. Our lawyers were instrumental in drafting the widely acclaimed National Association of Corporate Directors Cyber Risk Handbook, which is being used across corporate America to establish cyber risk governance systems. We also track cybersecurity regulatory developments in 23 major world economies for an information service. We helped to draft almost all the US state breach notice laws; are developing a video to help educate senior managers and directors about cyber risk issues; and we help clients to prepare for security incidents through a free model incident response protocol that clients adapt to their organization and regulatory requirements. RANKED IN TIER 1 IN CYBER LAW Legal 500, 2017 We offer clients practical and down-to-earth guidance across the spectrum of governance of cyber-risk, including: Global incident response and investigations Risk assessment mitigation and compliance around the world Program design and implementation Corporate governance Supply chain risk management DLA Piper has an intelligent and practical cyber team. Government affairs solutions Litigation (D&O, class action, product liability) 02 CYBERSECURITY RISK MANAGEMENT
3 PROACTIVE STRUCTURES, STEADFAST STRATEGY It is only a matter of time before a determined hacker can penetrate your organization s system. With consequences of these attacks growing ever more serious, cybersecurity risk has become a top priority for many organizations. DLA Piper has a series of offerings that are designed to prepare clients for the inevitable cyberattack, including how to respond to cyberattacks. We guide clients through the design and implementation of a governance structure that can meet organizations duties of care. We provide clients proactive corporate governance structures to protect companies and their directors; offer tools to comply with evolving regulatory requirements; develop and refine sound corporate policies; design and help to manage strategies to create and sustain a culture of security; and drive responsible supply-chain and vendor risk management techniques and contract support. In the wake of an attack, we provide a team that has helped clients through more than 450 security incidents and helped draft almost all the US state breach notice and data security laws. We offer charts and information services that capture cybersecurity and breach-related requirements across the 50 states and the world. We field a cohesive team of lawyers in 40 countries that is highly experienced in investigations and incident response, protocols, in protecting privilege throughout an investigation, and in helping clients to adjust security measures in light of the incident. Team members include former SEC lawyers with deep understanding of SEC materiality standards for notifying shareholders. Many more are litigators with strong experience in the claims typically brought in lawsuits filed in response to a cybersecurity incident. OUR CYBERSECURITY TEAM OFFERS: Proactive risk management. Because of the fast-changing nature of cyberattacks, cybersecurity defense is a complex risk management task. We were the only law firm that helped to draft the widely acclaimed NACD Cyber Risk Handbook for corporate directors. We help clients to implement a customized strategy, establish and refine their internal risk management strategy for preventing and responding to cyberattacks, and assist in the implementation of proactive policies and procedures that enable them to respond effectively, preserving attorney-client privilege and mitigating potential litigation and reputational risks associated with cybersecurity incidents. We have relationships with a wide range of cybersecurity experts to help clients to identify emerging threats, detect intrusions and conduct effective forensic investigations. We also focus on identifying and fixing breakdowns in corporate communications and planning that leave vulnerabilities unaddressed. We help clients to adopt nimble, repeatable and durable policies and procedures that fit their organization s culture and resources. Field-tested global crisis management coverage. We can be on the ground, with an integrated team of top cybersecurity technicians and lawyers, helping solve your security problem and cloaking those efforts in privilege, anywhere in the world, within 24 hours of a client request. We have established toll-free response protocols to respond and coordinate immediately. Connections to more than 40 governments around the world. We know the regulators, the advocates and many of the journalists who focus on data breaches and draw on this experience to guide our clients response to a breach incident so as to minimize potential reputational damage. Understanding of the US and international cyber-regulatory environment. We have drafted most of the breach notice laws, offer an online tool summarizing breach notice requirements in 72 countries. Our subsidiary Blue Edge Lab SM offers CyberTrak SM, an easy-to-use online information service that tracks the evolution of cybersecurity-related law in 23 major economies around the world. This work gives us an unrivaled understanding of the ever-changing US and international cyber-regulatory environment that we apply to both reactive and preventive client service. 03
4 Sector-specific focus. DLA Piper believes that our legal advice should be as pragmatic and practical as it is technically excellent. We are attuned to the unique requirements of different sectors and staff our teams with lawyers experienced in the client s sector. INCIDENT RESPONSE CAPABILITIES From the moment a company learns about a potential breach it should be armed with tools to respond quickly and effectively while ensuring that its investigation is privileged. We offer a highly experienced team that has been successful hundreds of times in protecting clients from risks following cybersecurity incidents. Our service in this area includes incident response protocols, crisis coordination and management, data breach response strategy, identifying and preparing required individual, payment card network and state notifications, communication and priority setting with regulators, inclusion of law enforcement as appropriate and responding to Congressional inquiries. We offer clients a step-by-step incident response protocol that prepares clients for breaches before they happen, preserves privilege from moment one and marshals organization, legal and forensic solutions. Among the members of our team are former computer crime prosecutors who have strong relationships with law enforcement that can be invaluable in responding to a hack. We also have a team of litigators around the world who can pursue non-state-sponsored hackers and their hosts in their home countries. We have a clear understanding of potential insurance coverage for these events and advise you of communications to ensure proper notice to carriers and third parties to limit direct and potentially consequential losses. We also work with the carriers to ensure that any improvements or modifications to the company s approach as a result of a breach can form the basis for decreased cost of coverage or enhanced coverage moving forward. RISK MITIGATION AND PROACTIVE STRATEGIES Effective cybercompliance begins with an independent and realistic assessment of the legal, compliance, governance and reputational risks that could threaten your company. DLA Piper has an integrated protocol that works hand-in-glove with cybersecurity technology providers to assess, respond to and mitigate the risks associated with cybersecurity incidents at your company. The protocol is an enterprisewide approach that analyzes these risks and is adaptable to the unique characteristics of your company, regulation of your sector and the geographical location of your data centers and of data subjects. It provides companies and directors with roadmaps to fulfill their respective fiduciary and legal obligations to their shareholders, employees and customers. Furthermore, to help clients address the proliferation of cybersecurity requirements globally, DLA Piper offers an information service that provides quick summaries of cybersecurity-related procurement and compliance requirements in 23 key markets around the world. 04 CYBERSECURITY RISK MANAGEMENT
5 We have devised easy-to-implement, repeatable and trackable methodologies that identify and address gaps, incorporate solutions into current business processes and auditing programs based on risk priorities. The methodologies incorporates rules-based applications, moving response checklists into current protocols. The resulting program addresses identified gaps in a holistic and ongoing fashion across multiple metrics. SUPPLY CHAIN RISK MANAGEMENT A key part of our proactive risk mitigation service involves providing practical, targeted and enforceable risk mitigation strategies throughout a company s supply chain. This usually begins with assessment of heightened risk of cyberincidents throughout a company s supply chain. It then moves to implementing diligence, contracting and vendor management strategies to mitigate and properly allocate cybersecurity risks so that your company is not left absorbing unmanageable liability or violating commitments to regulators, clients, suppliers or the public. These proactive solutions can make a major difference mitigating risk. GOVERNMENT AFFAIRS Our lawyers have been closely engaged in the development of the Cybersecurity Framework and federal and state government cybersecurity requirements. They include former Senate Intelligence Committee Vice-Chair Saxby Chambliss, who oversaw and worked closely with the U.S. agencies charged with cybersecurity preparedness. We are ideally positioned to help clients work with government agencies on implementation of the Administration Cybersecurity Framework and in contesting designations as critical infrastructure directly subject to the Framework. Furthermore, our team features a well-regarded former House Committee chief investigations counsel, who ran 200 hearings during his time on Capitol Hill and is adept at helping clients to manage investigations and excel at congressional hearings LITIGATION We feature some of the most highly experienced litigators in the world in data privacy, class action, insurance coverage, D&O litigation and product liability. This team is comprised of true trial lawyers and an alternative dispute resolution team that work across a global platform to represent clients in every industry that may be subject to liability for a data breach. These litigators represent clients across the spectrum of critical infrastructure and data-intensive sectors. They appreciate the vulnerability of internal and consumer data at the heart of every business sector and have developed strategies to anticipate, prepare and defend against cybersecurity-related claims. Our litigators also benefit from the incomparable experience of our lawyers who are skilled in cyber-regulations and cyber risk management, and frequently work together to assist clients in avoiding and/or mitigating litigation risks. This coordination makes us highly qualified to attack the substantive and procedural aspects of litigation arising out of data breaches and other security incidents. Class Action Litigation. DLA Piper is one of the few firms with actual experience litigating a consumer class action arising out of a data breach. Our lawyers currently represent various corporate entities in the first major multi-district litigation arising out of a data breach. That breach was, at the time, one of the largest recorded data security breaches, affecting more than 77 million consumers, and resulted in the filing of 65 class actions across the country. Our experience in the trenches gives us vast experience and insight into the defense of companies facing litigation arising out of a data breach, including issues of standing, the various theories of liability asserted by plaintiffs and class certification issues. In addition, DLA Piper has a deep bench of class action lawyers skilled in the representation of clients in nationwide and state class action lawsuits, many of which address the issues facing consumers and business in the areas of consumer fraud, the use of data and breach notification. This experience will be vital as the class of potential plaintiffs in these cases grow and the theories of liability evolve. 05
6 Our clients depend on us to anticipate emerging threats; develop streamlined, effective and innovative strategies to respond to the nuances of a particular suit; defeat class certification and the merits of the plaintiffs claims at an early stage; and strategically protect and advance our clients long-term business interests. Our experience in major data breach litigation, combined with our experience in the compliance and regulatory arena, makes us an asset for clients faced with data breach litigation. Securities Litigation. The duty of care for companies and boards now includes proper attention to cybersecurity vulnerabilities. Sophisticated hacks into a company s systems can affect stock prices and trigger derivative shareholder actions. Our securities litigators are experienced in defending companies in derivative shareholder actions and at guiding clients through the delicate process of determining whether the effects of a hack exceed the SEC s materiality threshold requiring notice to shareholders. Product Liability: Our product liability group includes some of the most highly regarded defense lawyers in the world. We advise clients on risk, compliance and business management at every stage of the product life cycle, from product design and development to distribution. Our sophisticated clients use information and technology at each of these stages to share research and testing and to efficiently manufacture and distribute products and services often considering the use of this data beyond immediate product design needs. We collaborate with clients at the front end on issues such as cybersecurity to focus on points of vulnerability raised by hacking in day-to-day use. Examples of these considerations include monitoring of personal vehicles, access to home security and controlled environment systems and access to medical devices and implants. At the back end, we handle crises that involve product recalls, governmental investigations and insurance coverage in the event these systems are breached or alleged to be defective. We collaborate with colleagues around the world to ensure that each client is receiving sound advice based on a multidisciplinary and multijurisdictional approach, and we are ever mindful of the need to protect reputations. 06 CYBERSECURITY RISK MANAGEMENT
7 DLA PIPER RELATIONSHIP*/COOPERATION FIRMS AFRICA AMERICAS ASIA PACIFIC EUROPE Addis Ababa* Accra* Bujumbura* Casablanca Dakar* Dar es Salaam* Johannesburg Gaborone* Kampala* Kigali* Lagos* Luanda* Lusaka* Maputo* Mwanza* Nairobi* Port Louis* Tunis* Windhoek* Albany Atlanta Atlantic City Austin Baltimore Bogota Boston Calgary Chicago Dallas Edmonton Houston Lima Los Angeles Mexico City Miami Minneapolis Montreal New York Northern Virginia Philadelphia Phoenix Raleigh Rio de Janeiro Sacramento San Diego San Francisco San Juan Santiago São Paulo Seattle Short Hills Silicon Valley Toronto Vancouver Washington, DC Wilmington Yellowknife Auckland Bangkok Beijing Brisbane Hong Kong Melbourne Perth Seoul Shanghai Singapore Sydney Tokyo Wellington Aarhus Amsterdam Antwerp Birmingham Bratislava Brussels Bucharest Budapest Cologne Copenhagen Edinburgh Frankfurt Hamburg Helsinki Kyiv Leeds Lisbon Liverpool London Luxembourg Madrid Manchester Milan Moscow Munich Oslo Paris Prague Rome Sheffield St. Petersburg Stockholm Vienna Warsaw Zagreb* MIDDLE EAST Abu Dhabi Al Khobar Doha Dubai Jeddah Kuwait City Manama Muscat Riyadh 07
8 ABOUT US DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, positioning us to help clients with their legal needs around the world. FOR MORE INFORMATION To learn more about DLA Piper, visit or contact DLAPiperCybersecurity@dlapiper.com. DLA Piper is a global law firm operating through DLA Piper LLP (US) and affiliated entities. For further information please refer to Note past results are not guarantees of future results. Each matter is individual and will be decided on its own facts. Attorney Advertising. Jim Halpert, jim.halpert@dlapiper.com, 500 Eighth Street, NW, Washington, DC Copyright 2017 DLA Piper LLP (US). All rights reserved. NOV17 MRS
Association of Corporate Counsel
Type in document reference # if needed Privacy protection in a Globalized World Association of Corporate Counsel New York, 24 March 2015 1 The plan Bringing out the main cross-border privacy issues for
More informationEY Cyber Response Services. Plan. React. Recover.
EY Cyber Response Services Plan. React. Recover. Insurance claim preparation Data recovery How EY can help Data privacy and GDPR compliance Cyber planning Our full suite of cyber capabilities Litigation
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationCloud Computing: Overcoming the Legal and Regulatory Challenges. November
Cloud Computing: Overcoming the Legal and Regulatory Challenges November 2011 2 Cloud Computing: Overcoming the Legal and Regulatory Challenges November 2011 Cloud Computing Overcoming the Legal and Regulatory
More informationCloud Computing - Reaping the Benefits and Avoiding the Pitfalls. Stuart James & Delizia Diaz. Intellectual Property & Technology Webinar
Intellectual Property & Technology Webinar Cloud Computing - Reaping the Benefits and Avoiding the Pitfalls Stuart James & Delizia Diaz 37 Offices in 18 Countries Birmingham Wednesday, 11 July 2012 Speakers
More informationSEC Update. SEC issues new interpretive guidance on cybersecurity disclosures. March 5, Overview
SEC Update March 5, 2018 This is a commercial communication from Hogan Lovells. See note below. SEC issues new interpretive guidance on cybersecurity disclosures On February 21, the Securities and Exchange
More informationHOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA
HOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA Ksenia Andreeva Anastasia Dergacheva Vasilisa Strizh November 27, 2018 2018 Morgan, Lewis & Bockius 2017 Morgan, Lewis & Bockius Contents News from the Russian
More informationFDA Releases FSMA Final Rule on Accreditation of Third Party Certification Bodies
Hogan Lovells US LLP Columbia Square 555 Thirteenth Street, NW Washington, DC 20004 T +1 202 637 5600 F +1 202 637 5910 www.hoganlovells.com MEMORANDUM From: Joseph A. Levitt Elizabeth Barr Fawell Maile
More informationencrypted, and that all portable devices (laptops, phones, thumb drives, etc.) be encrypted while in use and while at rest?
Data Privacy According to statistics provided by the Data Breach Level Index, hackers and thieves are stealing more than 227,000 personal records per hour as of 2017, generally targeting customer information
More information2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action
2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action April 11, 2018 Contact Information Casie D. Collignon Partner Denver 303.764.4037 ccollignon@bakerlaw.com
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationThe Stakes Are Going Up: Hacking and the New Paradigm of Data Breaches
The Stakes Are Going Up: Hacking and the New Paradigm of Data Breaches Edward McNicholas Global Co-Leader, Privacy, Data Security and Information Law Sidley Austin LLP The cyber threat is one of the most
More informationBring Your Own Device Shakes Up IT Departments
Bring Your Own Device Shakes Up IT Departments As employees quietly bring their personal devices to work, and forward-thinking companies respond, this win-win workplace revolution presents some challenges.
More informationGetting to Data Nirvana Data lakes and GDPR
Getting to Data Nirvana Data lakes and GDPR A User's guide 1 Hogan Lovells Data lakes and GDPR: A User's guide 3 Copyright 2018. This report is the property of Hogan Lovells and may not be published or
More informationGDPR and digital advertising: Strategies and best practices for implementing GDPR compliance
IP, Tech & Data GDPR and digital advertising: Strategies and best practices for implementing GDPR compliance Presented by: Gerard M. Stegmaier, Partner, Washington, D.C. October 17, 2018 What is GDPR,
More informationData Breach Preparation and Response. April 21, 2017
Data Breach Preparation and Response April 21, 2017 King & Spalding Data, Privacy & Security King & Spalding s 60 plus lawyer Data, Privacy & Security ( DPS ) Practice is best known for: Experienced crisis
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationLEVEL 3 SM WEBSITE ACCELERATION SERVICES
LEVEL 3 SM WEBSITE ACCELERATION SERVICES WEBSITE CONSUMERS ARE IMPATIENT, which makes your website performance extremely critical. Whether you are delivering content to a desktop, tablet or mobile device,
More informationAnatomy of a Data Breach: A Practical Guide for Small Law Departments
Anatomy of a Data Breach: A Practical Guide for Small Law Departments Judy Branzelle is the Chief Legal Officer and General Counsel for Goodwill Industries International, Inc. where she has been employed
More informationThird-Party Cyber Risk Management Webinar May 23, 2017
Third-Party Cyber Risk Management Webinar May 23, 2017 Today s speakers Nikole Davenport Senior Manager Deloitte & Touche LLP Nikole is a senior manager in Deloitte s Cyber Risk Services practice, specializing
More informationCybersecurity. The Board s Role
Board Practice Cybersecurity The Board s Role There are two kinds of big companies in the United States. There are those who ve been hacked and those who don t know they ve been hacked. james comey former
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationSEC Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks
SEC Key Considerations for Public Companies for Mitigating and Disclosing Cybersecurity Risks By Richard A. Blunk (Thermopylae Ventures, LLC) and Apprameya Iyengar (Morrison Cohen LLP) The SEC has continued
More informationCOMMENTARY. Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards
November 2016 COMMENTARY Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards The Board of Governors of the Federal Reserve System ( Federal Reserve Board ), the Federal Deposit Insurance
More informationOne Planet. One Network. Infinite Possibilities.
One Planet. One Network. Infinite Possibilities. IPv6 in the Global Crossing IP Network May 26, 2005 Ed Bursk, Vice President Government Global Crossing Overview Global Crossing was founded seven years
More informationDFARS Cyber Rule Considerations For Contractors In 2018
Portfolio Media. Inc. 111 West 19 th Street, 5th Floor New York, NY 10011 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com DFARS Cyber Rule Considerations For Contractors
More informationData Privacy and Cybersecurity
Data Privacy and Cybersecurity Key Contacts Timothy C. Blank Boston +1 617 728 7154 Dr. Olaf Fasshauer National Munich +49 89 21 21 63 28 Joshua H. Rawson New York +1 212 698 3862 Translate Page In an
More informationEXECUTIVE SUMMARY JUNE 2016 Multifamily and Cybersecurity: The Threat Landscape and Best Practices
Multifamily and Cybersecurity: The Threat Landscape and Best Practices By CHRISTOPHER G. CWALINA, ESQ., KAYLEE A. COX, ESQ. and THOMAS H. BENTZ, JR., ESQ. HOLLAND & KNIGHT Overview Cyber policy is critical
More informationCanada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?
Canada Highlights Cybersecurity: Do you know which protective measures will make your company cyber resilient? 21 st Global Information Security Survey 2018 2019 1 Canada highlights According to the EY
More informationIncident Response and Cybersecurity: A View from the Boardroom
IT, Privacy & Data Security Webinar Incident Response and Cybersecurity: A View from the Boardroom Gerard M. Stegmaier, Reed Smith Partner IT, Privacy & Data Security Samuel F. Cullari, Reed Smith Counsel
More informationDealing with Security and Security Breaches
BEIJING BRUSSELS CHICAGO DALLAS FRANKFURT GENEVA HONG KONG LONDON LOS ANGELES NEW YORK PALO ALTO SAN FRANCISCO SHANGHAI SINGAPORE SYDNEY TOKYO WASHINGTON, D.C. Dealing with Security and Security Breaches
More informationGDPR Privacy Webinar. Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018
GDPR Privacy Webinar Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018 Prioritizing Your Path to GDPR Compliance Presented by Half-Day Workshops Online
More informationAdvising the C-Suite and Boards of Directors on Cybersecurity. February 11, 2015
Advising the C-Suite and Boards of Directors on Cybersecurity February 11, 2015 Agenda Introductions / Administrative Cybersecurity risk legal landscape Cyber threats Legal risks in the aftermath of a
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationNYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
More informationAvanade s Approach to Client Data Protection
White Paper Avanade s Approach to Client Data Protection White Paper The Threat Landscape Businesses today face many risks and emerging threats to their IT systems and data. To achieve sustainable success
More informationStephanie Zierten Associate Counsel Federal Reserve Bank of Boston
Stephanie Zierten Associate Counsel Federal Reserve Bank of Boston Cybersecurity Landscape Major Data Breaches (e.g., OPM, IRS) Data Breach Notification Laws Directors Derivative Suits Federal Legislation
More informationCyber Risk Services Going beyond limits
Cyber Risk Services Going beyond limits Current Threat Environment Security breaches: 318 Scanned websites with vulnerabilities: 78% Average identities exposed per breach: 1.3 Million Email malware rate
More informationCYBER RISK MANAGEMENT SERVICES Is Your Company Prepared for a Cyber Attack?
CYBER RISK MANAGEMENT SERVICES Is Your Company Prepared for a Cyber Attack? IDENTIFY PROTECT Senior Management and Board- Level Cyber Risk Consultation Cybersecurity Risk Assessment Cybersecurity Program
More informationThe Impact of Cybersecurity, Data Privacy and Social Media
Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus
More informationInvestigating Insider Threats
Investigating Insider Threats February 9, 2016 Jonathan Gannon, AT&T Brenda Morris, Booz Allen Hamilton Benjamin Powell, WilmerHale 1 Panelist Biographies Jonathan Gannon, AT&T, Executive Director & Senior
More informationIIB s Risk Management and Regulatory Examination / Compliance Seminar
IIB s Risk Management and Regulatory Examination / Compliance Seminar Cybersecurity: Regulatory Developments and Industry Practices Presented at: CUNY Graduate Center October 25, 2016 9:00 a.m. 10:15 a.m.
More informationMark Your Calendars: NY Cybersecurity Regulations to Go into Effect
Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect CLIENT ALERT January 25, 2017 Angelo A. Stio III stioa@pepperlaw.com Sharon R. Klein kleins@pepperlaw.com Christopher P. Soper soperc@pepperlaw.com
More informationCyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response
Cyber Incident Response Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response 1 2 Today, no Canadian business is immune from a potential attack. It s no longer
More informationThe Evolving Threat to Corporate Cyber & Data Security
The Evolving Threat to Corporate Cyber & Data Security Presented by: Sara English, CIPP/US Sara.English@KutakRock.com 1 http://blogs.wsj.com/law/2015/12/09/employee error leading cause of data breaches
More informationCyberEdge. End-to-End Cyber Risk Management Solutions
CyberEdge End-to-End Cyber Risk Management Solutions In a rapidly changing landscape, CyberEdge provides clients with an end-to-end risk management solution to stay ahead of the curve of cyber risk. CyberEdge
More informationFinancial Regulations, Enforcement & Cybersecurity
Financial Regulations, Enforcement & Cybersecurity Elizabeth P. Gray May 16, 2017 Copyright 2017 by Willkie Farr & Gallagher LLP. All Rights Reserved. These course materials may not be reproduced or disseminated
More informationForensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services
Forensic Technology & Discovery Services Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services Forensic Technology & Discovery Services EY s Forensic
More informationCYBERCRIMES IN THE UAE PHISHING, HACKING AND DATA LEAKS
CYBERCRIMES IN THE UAE PHISHING, According to the Economist, the world's most valuable resource is no longer oil, but data. The aim of cybercrimes such as phishing and hacking is essentially to gain access
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationThe IBM Platform Computing HPC Cloud Service. Solution Overview
The IBM Platform Computing HPC Cloud Service Solution Overview Industry-leading workload management 20 years managing distributed scale-out systems with 2000+ customers in many industries High performance
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationCYBER THREATS, ACTIVE DEFENSE, AND THE BUSINESS AND LEGAL IMPACTS. October 20, Robert Silvers
CYBER THREATS, ACTIVE DEFENSE, AND THE BUSINESS AND LEGAL IMPACTS October 20, 2017 Robert Silvers +1 202 551 1216 robertsilvers@paulhastings.com Haiyan Tang +86 21 6103 2722 haiyantang@paulhastings.com
More informationCYBER SECURITY TAILORED FOR BUSINESS SUCCESS
CYBER SECURITY TAILORED FOR BUSINESS SUCCESS KNOW THE ASIAN CYBER SECURITY LANDSCAPE As your organisation adopts digital transformation initiatives to accelerate your business ahead, understand the cyber
More informationSEC Issues Updated Guidance on Cybersecurity Disclosure
February 27, 2018 SEC Issues Updated Guidance on Cybersecurity Disclosure On February 21, 2018, the Securities and Exchange Commission (the SEC ) issued an interpretive release providing Commission-level
More informationPONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY
PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More information2017 Data Security Incident Response Report. Be Compromise Ready: Go Back to the Basics
2017 Data Security Incident Response Report Be Compromise Ready: Go Back to the Basics May 9, 2017 Contact Information Theodore J. Kobus, III Leader, Privacy and Data Protection Practice New York 212.271.1504
More informationTIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE
TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,
More informationCYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017
CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017 Sponsored by: Kansas Municipal Utilities Kansas Municipal Energy Agency Kansas Power Pool CYBERSECURITY TRAINING EXERCISE DATE November
More informationSMART CITIES AND BIG DATA: CHALLENGES AND OPPORTUNITIES
SMART CITIES AND BIG DATA: CHALLENGES AND OPPORTUNITIES EUROPEAN UTILITY WEEK NOVEMBER 5, 2014 ERIC WOODS RESEARCH DIRECTOR 2014 Navigant Consulting, Inc. Notice: No material in this publication may be
More informationCYBER INSURANCE: MANAGING THE RISK
CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationTechnical Conference on Critical Infrastructure Protection Supply Chain Risk Management
Technical Conference on Critical Infrastructure Protection Supply Chain Risk Management Remarks of Marcus Sachs, Senior Vice President and the Chief Security Officer North American Electric Reliability
More informationCyber Security Incident Response Fighting Fire with Fire
Cyber Security Incident Response Fighting Fire with Fire Arun Perinkolam, Senior Manager Deloitte & Touche LLP Professional Techniques T21 CRISC CGEIT CISM CISA AGENDA Companies like yours What is the
More informationCLE Alabama. Banking Law Update. Embassy Suites Hoover Hotel Birmingham, Alabama Friday, February 19, 2016
CLE Alabama Banking Law Update Embassy Suites Hoover Hotel Birmingham, Alabama Friday, February 19, 2016 Best Practices on Managing Cyber-Security Risks J.T. Malatesta III and Sarah S. Glover Maynard Cooper
More informationKeys to a more secure data environment
Keys to a more secure data environment A holistic approach to data infrastructure security The current fraud and regulatory landscape makes it clear that every firm needs a comprehensive strategy for protecting
More informationThe Value of Bipartisanship
About Vectis Vectis At Vectis Strategies we understand how to successfully and properly apply leverage in public relations, government stretch from the corridors of power in Washington, DC to international
More informationCybersecurity Risk Oversight: the NIST Framework and EU approaches
Cybersecurity Risk Oversight: the NIST Framework and EU approaches Antonis Patrikios, Director Privacy & Information Law Group ACC webcast, 10 July 2014 Overview Why cybersecurity matters US NIST Framework
More informationUpcoming PIPEDA Changes What is changing and what to do about it
Upcoming PIPEDA Changes What is changing and what to do about it Danny Pehar Global Television Cyber Security Expert 02 Danny Pehar Put Text Here This slide is 100% editable. Adapt it to your needs and
More informationHow will cyber risk management affect tomorrow's business?
How will cyber risk management affect tomorrow's business? The "integrated" path towards continuous improvement of information security Cyber Risk as a Balance Sheet Risk exposing Board and C-Levels 2018
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationNew York DFS Cybersecurity Regulation:
New York DFS Cybersecurity Regulation: Countdown to the August 28 Compliance Deadline Presented by: Craig Hoffman, Melinda McLellan & Jonathan Forman Moderated by: Carol Van Cleef July 27, 2017 Craig A.
More informationGoverning cyber security risk: It s time to take it seriously Seven principles for Boards and Investors
www.pwc.co.uk Governing cyber security risk: It s time to take it seriously Seven principles for Boards and Investors Dr. Richard Horne Cyber Security Partner PwC January 2017 Board governance is often
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationSOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:
(Solutions Brief) An integrated cybersecurity Administration solution for securing any Large Enterprise. The Industry s most complete protection for the Large Enterprise and Cloud Deployments. KEY SERVICES:
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationCanada Life Cyber Security Statement 2018
Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability
More informationManaging Cybersecurity Risk
Managing Cybersecurity Risk Maureen Brundage Andy Roth August 9, 2016 Managing Cybersecurity Risk Cybersecurity: The Current Legal and Regulatory Environment Cybersecurity Governance: Considerations for
More informationCybersecurity: Pre-Breach Preparedness and Post-Breach Duties
Cybersecurity: Pre-Breach Preparedness and Post-Breach Duties Thursday, October 5, 2017 Presented by: Gerrit Nel, Senior Manager, Cyber Security, KPMG Sunny Handa, Partner, Montreal Cathy Beagan Flood,
More informationBUILT FOR THE STORM. AND THE NORM.
BUILT FOR THE STORM. AND THE NORM. Data volumes are overwhelming. Stakes are sky-high. Time frames are shorter than ever. GET ANSWERS NOW. EM[URGENT]CY EXIT In a world where the routine can quickly become
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationCyber Espionage A proactive approach to cyber security
Cyber Espionage A proactive approach to cyber security #DeloitteRA To mitigate the risks of advanced cyber threats, organisations should enhance their capabilities to proactively gather intelligence and
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationEY Consulting. Is your strategy planning for the future or creating it? #TransformativeAge
2018 Ernst & Young Advisory. All rights reserved. Graphics studio France 1802SG1267. ED 04082018 EY Consulting Is your strategy planning for the future or creating it? #TransformativeAge The better the
More informationStanding Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018
Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018 Contents Background 3 Exercise objectives 4 Day 1 Cyber-range exercise 5 Day 2 Cyberattack scenario 6-7
More informationIt s Not If But When: How to Build Your Cyber Incident Response Plan
CYBER SECURITY USA It s Not If But When: How to Build Your Cyber Incident Response Plan Lucie Hayward, Managing Consultant Michael Quinn, Associate Managing Director each day seems to bring news of yet
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationHow Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner
How Cybersecurity Initiatives May Impact Operators Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495 Agenda Rise in Data Breaches Effects of Increase in Cybersecurity Threats Cybersecurity Framework
More informationHow to be cyber secure A practical guide for Australia s mid-size business
How to be cyber secure A practical guide for Australia s mid-size business Introduction The digital age has bred opportunity for mid-size business. From ecommerce to social media, agile organisations have
More informationSOC 3 for Security and Availability
SOC 3 for Security and Availability Independent Practioner s Trust Services Report For the Period October 1, 2015 through September 30, 2016 Independent SOC 3 Report for the Security and Availability Trust
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationIT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18
Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are
More informationRIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015
www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad
More informationPRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology 24 October 2017 Content Overview of Cyber Security Law Observations on Implementation of Cyber
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationSOC for cybersecurity
April 2018 SOC for cybersecurity a backgrounder Acknowledgments Special thanks to Francette Bueno, Senior Manager, Advisory Services, Ernst & Young LLP and Chris K. Halterman, Executive Director, Advisory
More informationDATA BREACH NUTS AND BOLTS
DATA BREACH NUTS AND BOLTS Your Company Has Been Hacked Now What? January 20, 2016 Universal City, California Sponsored by Hogan Lovells Moderator: Stephanie Yonekura, Hogan Lovells #IHCC16 Panelists:
More informationWHAT SECTION 215A OF THE FEDERAL POWER ACT MEANS FOR ELECTRIC UTILITIES. Stephen M. Spina J. Daniel Skees Arjun P. Ramadevanahalli December 17, 2015
WHAT SECTION 215A OF THE FEDERAL POWER ACT MEANS FOR ELECTRIC UTILITIES Stephen M. Spina J. Daniel Skees Arjun P. Ramadevanahalli December 17, 2015 2015 Morgan, Lewis & Bockius LLP Agenda Introduction:
More information