About the Conference

  • 10 hrs OH CLE credit pending (incl. 1 credit Professional Ethics)
  • 10 hrs IAPP CPE credit pending

A truly cross-sector event now in its 8th year, CSU College of Law’s Cybersecurity and Privacy Protection Conference is one of the leading educational and networking events in the Great Lakes Region, and features rich content of interest to legal and compliance professionals, information technology and security experts, and executives responsible for developing security and privacy policies.

In-person and livestream attendance options.

Registration opens at 7:30 am each day in the law school atrium. Program begins at 8:00 am each day.

For additional information and questions, email:

Cyber+ Law Students Scholarship Fund

The Center is partnering with the Cleveland Metropolitan Bar Association’s Cyber+ Section to fund the Cyber+ Law Student Scholarship Fund. This fund will provide financial support to CSU College of Law students and students from other local law schools who are pursuing professional interests in Cybersecurity, Data Privacy and Emerging Technologies.

Keynotes & Featured Speakers

Tony sager

Senior Vice President and Chief Evangelist for The Center for Internet Security

Tony is currently Senior VP & Chief Evangelist for the Center for Internet Security (CIS), leading a wide variety of strategic, partnership, and outreach activities. He led the work which later became known as the CIS Critical Security Controls – an independent, volunteer-developed, cyber defense best practices program which is used throughout the industry. Tony has led numerous other activities to develop, share, scale, and sustain effective defensive cyber practices for worldwide adoption.

In addition to his duties at CIS, Tony is a volunteer in numerous cyber community service activities: inaugural member of the DHS/CISA Cyber Safety Review Board; Advisor to the Minnesota Cyber Security Summit; Advisory Boards for several local schools and colleges; formerly a member of the National Academy of Sciences Cyber Resilience Forum; and service on numerous national-level study groups and advisory panels.

Tony retired from the National Security Agency in 2012 after 34 years as a mathematician, computer scientist, and executive manager. As one of the Agency’s first Software Vulnerability Analysts, he helped create and led two premier NSA cyber defense organizations (the System and Network Attack Center, and the Vulnerability Analysis and Operations Group). In 2001, he led the release of NSA security guidance to the public and expanded NSA’s role in the development of open standards for security.

In 2023, Tony was inducted into the Cybersecurity Hall of Fame

Holly Drake

Chief Information Security Officer, State of Ohio

Holly Drake was appointed State of Ohio Chief Information Security Officer in February 2023 and brings extensive experience managing cybersecurity and privacy teams in complex organizations. As CISO, she leads the Office of Information Security and Privacy that supports the productivity, innovation, and organizational objectives of the state to provide secure services to Ohio citizens.

Drake was most recently Deputy Cybersecurity Strategic Advisor for CyberOhio within the office of Ohio Governor Mike DeWine. As a member of the CyberOhio team, she built cybersecurity governance and technical maturity to protect Ohioans and their state government from today’s complex challenges.

Her information governance and oversight career initially spanned senior roles in private sector organizations ranging from mid-market to Fortune 50 in size where she drove the development of privacy, cybersecurity, and compliance initiatives. Prior joining to the State of Ohio, Drake built a bespoke privacy program for The Ohio State University, one of the largest educational institutions in the United States. She also led the cybersecurity governance teams, with responsibility for policy, cybersecurity control framework, risk assessment, disaster recovery, and data governance.

In either the public or private sectors, her mission is to always bring a pragmatic, collaborative approach to solving business and compliance challenges by balancing the uses of information while keeping core privacy and cybersecurity principles at the fore.

A graduate of The Ohio State University, Case Western Reserve University, and Capital University, Drake also maintains CIPP, CIPT, CISSP, and CISA certifications. She currently serves several industry initiatives while outside of work, she is a volunteer and advocate for literacy initiatives in her community.

Kirk Herath

Cybersecurity Strategic Advisor for the State of Ohio

Kirk Herath was recently appointed as the State of Ohio’s first Cybersecurity Strategic Advisor by Governor Mike DeWine. Prior to his appointment, he was a Principal with Pillars Consulting Group. He recently retired as Vice-President, Associate General Counsel and Chief Privacy Officer for Nationwide Insurance Companies and affiliates based in Columbus, Ohio.

For over two decades, Herath was responsible for all legal issues at a Fortune 100 financial services company impacting various cybersecurity matters. He was responsible for corporate privacy policy, data and security incident management and implementing privacy across all lines of business. Herath has represented clients on many industry privacy and Cybersecurity policy groups and before legislative and regulatory bodies.

Currently, Herath is Chairman of CyberOhio, Ohio’s Cybersecurity Advisory Board, and a member of the InnovateOhio Advisory Board under the direction of Lt. Governor Jon Husted and Governor Mike DeWine. He is Past President and past board member of the International Association of Privacy Professionals and is still active within the association. He also served on the U.S. Department of Homeland Security’s Data Privacy and Integrity Advisory Committee from 2005 to 2011. Herath edited the privacy practitioners’ bible, “How to Build a Privacy Program”, published by the IAPP Press.

Daniel J. Riedl

Department of Justice

Dan Riedl is the Chief of the National Security and Cyber Unit at the United States Attorney’s Office for the Northern District of Ohio.  He specializes in cases involving ransomware, malware and theft of intellectual property.  Prior to moving to Cleveland, he was an Assistant Prosecuting Attorney in Franklin County, Ohio, and a Special Prosecutor for the Ohio Attorney General’s Office.  Dan received his BA in Government and International Studies from the University of Notre Dame and his JD from The Ohio State University Moritz College of Law. 

Conference Sponsors

Scroll to Top