Registration & Breakfast

Sponsored by Virtus Cybersecurity, LLC

Welcome & Introductions

• Brian Ray, Co-Interim Dean, CSU Law

Patchwork in Progress: State Privacy and Cybersecurity Law Developments

• Marcel Duhamel, Partner, Data Security & Privacy, Vorys LLP
• Maxwell Herath, Associate Porter Wright LLP
• Ariel Fox Johnson, Principal, Digital Smarts Law & Policy LLC (lead)
• Jennifer Reuhr, Co-Managing Partner and Co-Chair, Workplace Privacy Group, Hintze Law PLLC

As state legislatures continue to fill the federal vacuum on data privacy and cybersecurity, organizations face an increasingly fragmented compliance environment spanning consumer rights and workplace surveillance to breach reporting and AI. This panel will highlight the most significant state law developments of the past year and emerging obligations on the horizon.

Breach Ready: What Your Legal, PR, and Security Teams Need to Agree On Now

• Gabrielle Hartstein, Associate, Dinsmore LLP
• Zachary Jacobson, Associate, McDonald Hopkins LLC
• Tim Ragones, Managing Director, Joele Frank
• Bogdan Salamakah, CEO, Virtus Cybersecurity, LLC

When a data breach occurs, misalignment among legal, communications, and cybersecurity teams can turn a manageable incident into a crisis. This session brings experts in all three domains to discuss the tensions, close the gaps, and help organizations build a successful breach response strategy.

Networking Break

<Sponsored by McDonald Hopkins LLC>

Lessons Learned: Recent Privacy, Cybersecurity and AI Enforcement

• Kirk Nahra, Co-Chair Artificial Intelligence, Co-Chair Cybersecurity and Privacy, WilmerHale LLP

While approaches and priorities change, privacy and security enforcement continues to expand and evolve. This session will explore recent enforcement developments at both the state and federal level and will provide guidance and thoughts on lessons learned for the future about these enforcement activities.

Lunch

Sponsored by UB Greensfelder LLP

Fireside Chat with Federal Trade Commissioner Mark Meador

• Mark Meador, Federal Trade Commissioner
• Brian Ray, Co-Interim Dean, CSU Law

<no content>

The Federal Regulatory Landscape

• Douglas Geho, Deputy Director, Consumer Protection Bureau, Federal Trade Commission
• Frances Floriano Goins, Partner, UB Greensfelder LLP
• Douglas Meal, Adjunct Professor, CSU Law
• Joseph Dickinson, Partner, Kaufman & Canoles
• Brian Ray, Co-Interim Dean, CSU Law (moderator)

At the federal level, data security and privacy compliance demands are evolving across sectors and disciplines. This panel maps the current federal enforcement environment and explores how regulated organizations should navigate its growing complexity

Networking Break

Sponsored by McDonald Hopkins

Privacy and Data Breach Class Actions

• Kristin Bryan, Partner, Squire Patton Boggs LLP
• Douglas Meal, Adjunct Professor of Law, CSU Law

Privacy and data breach class actions have exploded in volume and complexity, with plaintiffs advancing novel theories under state laws while courts continue to wrestle with standing, injury, and the boundaries of statutory damages liability. This panel brings together seasoned litigators to examine the cases and doctrinal developments reshaping the litigation landscape, from class certification battles and mass arbitration tactics to the negligence frameworks emerging from high-profile breach suits.

The Board Wants Answers: Who Owns What in Cyber Governance?

• Paul Beckwith, Chief Security Officer, Progressive Insurance
• Chris Cronin, Partner, HALOCK
• Mehmet Munur, Partner, Taft LLP
• Timothy Opsitnick, Executive Director, Sedona Conference
• Jess Walpole, President, Fortress SRM

Boards are demanding clear accountability for cyber risk—without getting lost in technical jargon. This panel breaks down “who owns what” across legal, privacy/compliance, and security: decision rights, escalation triggers, metrics that mean something, and how to document risk acceptance so it holds up under audit, regulatory scrutiny, and post-incident review.

Reception

<Sponsored by Centric Consulting>

Welcome & Introductions

Data Ethics (Ohio Ethics CLE Credit pending)

• Kirk Herath, Senior Fellow and Adjunct Professor, CSU Law (lead)
• Brian Mannion, Chief Legal Officer, Aware
• Dr. Arlonda Stevens, VP Senior Compliance Program Manager, PNC Bank

Organizations face difficult challenges when it comes to ethically informed data collection, sharing and use. There is also a growing demand for incorporating ethical considerations into products and services involving big data, AI, and machine learning, and increasing recognition of the potential bias in them. This panel will discuss these challenges as well as emerging best practices for ethical data collection, processing and use and mitigating bias in the use of AI.

From Defense to Resilience: Securing the AI-Cloud Enterprise

• Kevin Goodman, Managing Director, Partner, BlueBridge Networks
• Marcus Noel, Chief Security Officer, ReliabilityFirst Corporation
• Tony Pietrocola, Co-Founder and President, AgileBlue
• Spence Witten, Senior Advisor, 38 North Security (lead)

The convergence of AI and cloud has dramatically expanded both the attack surface and the tools available to defenders creating new opportunities for organizations willing to rethink security from the ground up. Drawing on experience spanning cloud infrastructure services, AI-driven threat detection, and cybersecurity advisory across healthcare, financial services, and critical infrastructure, this panel examines how forward-thinking organizations are shifting from reactive defense to proactive resilience.

Networking Break

Sponsored by Benesch

State AI & Security Laws

• Jessica Cohen, Senior Counsel, Verizon
• Jeremy Mio, Interim Deputy Chief Technology Officer, Cuyahoga County
• Cory Scott, Executive Director, Center for Cybersecurity & Privacy Protection, CSU Law

This panel will give attendees a practical, Ohio-focused overview of two fast-moving areas: HB 96 cybersecurity requirements for political subdivisions and the current landscape for AI regulation. Speakers will lay out what HB 96 expects (including incident reporting and the state’s posture on ransom payments), then move into what AI bills and policy proposals are realistically in play in Ohio and how they compare to activity in other states. The discussion will emphasize real-world implementation and enforcement challenges—especially what audits and evidence expectations may look like, and the resource constraints facing both government entities and regulators.

AI Governance

• Brenda Leong, Director, AI Division, Zwillgen PLLC
• Kevin Mooney, Associate General Counsel, Privacy & Regulatory Chair, SureScripts
• Matthew Neely, Director of Information Security, Progressive Insurance
• Michael Stovsky, Partner and Practice Chair, Benesch LLP
• Cory Scott, Executive Director, Center for Cybersecurity & Privacy Protection CSU Law

As AI moves from pilot to production across every sector, organizations are under growing pressure to govern it responsibly while navigating emerging state laws, federal agency guidance, and evolving standards like the NIST AI Risk Management Framework. This panel tackles the hard questions: how to operationalize risk management, where legal liability is crystallizing, and what organizations getting this right are actually doing differently.