Federal Regulatory Updates and Investigations

• Kristin Bryan, Partner, Squire LLP
• Frances Floriano Goins, Partner, Ulmer & Berne LLP
• Brian Ray, Leon & Gloria Plevin Professor of Law, CSU Law
• Peter Senechalle, Staff Attorney, U.S. Securities & Exchange Commission
• Jon Steiger, East Central Regional Director, Federal Trade Commission

From the Federal Trade Commission’s proposed rules on commercial surveillance and groundbreaking action against GoodRx to the Securities and Exchange Commission’s proposed incident reporting requirements, this past year has been an active one on the cyber and privacy regulatory front. Hear from federal regulators and leading practitioners what these developments mean and how to prepare for regulatory investigations.

State Privacy Laws: Convergence or Chaos?

• Jackson Biesecker, Associate, Privacy, Data & Cybersecurity, Jackson Lewis P.C. 
• Ariel Fox Johnson, Senior Privacy Counsel, Zoom
• Keir Lamont, Director, U.S. Legislation, Future of Privacy Forum
• Lydia de la Torre, Founder, Golden Data Law, CPPA Board Member

State privacy lawmaking activity is on the rise—from California’s regulations implementing CPRA to new omnibus consumer privacy laws in as well as targeted laws for biometrics, online privacy, and ISP privacy.  Join this panel of experts to discuss these trends and what organizations should do to prepare for them.

Networking Break

Sponsored by Ulmer & Berne LLP

The National Cyber Strategy and Your Cybersecurity Program

• Terence Check, Senior Counsel, U.S. Department of Homeland Security
• Damon Hacker, President and CEO, Vestige Digital Investigations
• Thomas Moran, Associate, Baker Hostetler LLP
• Michael Stovsky, Benesch LLP
• Spence Witten, Senior Advisor, 38 North Security

The Biden administration s long-awaited national cybersecurity strategy calls for new security regulations, moves to hold software manufacturers liable for insecurity, commits to an aggressive offensive strategy against cyber criminals and identifies the need for cyber insurance backstop. This panel will unpack what all this means for the U.S. cyber policy and what it means for your organization’s cybersecurity program.

Lunch

What is “Reasonable” Security?

• Chris Cronin, Partner, HALOCK Security Labs
• Timothy Murphy, Senior Assistant Attorney General, Pennsylvania
• R. Jason Straight, Senior Managing Director, Ankura
• Karen Worstell, Senior Cybersecurity Strategist, VMware

Cybersecurity regulations and industry standards generally incorporate a “reasonableness” standard but defining reasonableness is notoriously challenging. This panel will discuss an emerging set of best practices for developing a defensible cybersecurity program, including: (1) Prove You are Ready: Using the test Pre- & Post-Breach; (2) Good Test results: Why it is a Valuable Tool!; and (3) How Test Documentation Prevails in Standing Up to Litigation & Claims.

Implementing Effective Cybersecurity and Privacy Programs

• William Berglund, Senior Corporate Counsel, Cybersecurity, Indeed
• Andy Jones, CEO, Fortress SRM
• Matthew Neely, Director of Information Security, Progressive Insurance
• Jennifer Miller, Director, Legal & Global Privacy Officer, Hyland
• Nick Walton, Senior Associate, Risk Consulting, RSM

What should an organization do to deal with the growing number of new cybersecurity and data privacy regulations? Learn how to create, implement and revise your cybersecurity and privacy program to address the challenging new regulatory environment.          

Networking Break

Sponsored by Benesch LLP

Cyber Crime

• Jeffrey Biller, Professor, United States Air Force Academy, Adjunct Professor, CSU Law
• James Giszczak, Co-Chair, Data Privacy and Cybersecurity, McDonald Hopkins, LLC
• Jo-Lein Quarles, Supervisory Special Agent, Federal Bureau of Investigations
• Daniel Riedl, Assistant U.S. Attorney, Department of Justice
• Tim Opsitnick, Executive Vice President and General Counsel, TCDI

According to the World Economic Forum’s Global Cybersecurity Outlook 2023 report 93% of cyber leaders and 86% of business leaders think it is “moderately likely” or “very likely” that global geopolitical instability will lead to a far-reaching, catastrophic cybersecurity event in the next two years. Hear from law enforcement and cyber crime experts on how to prepare for the ever-evolving cyber threat landscape.

Keynote: State of Ohio Cybersecurity Initiatives and Policy Updates

• Kirk Herath, Cybersecurity Strategic Advisor, State of Ohio 

Ohio’s first Cybersecurity Strategic Advisor will discuss data security and privacy legal and regulatory developments in Ohio.

Cocktail Reception

Data Ethics

• Shontael Elward, Analytic Scientist Lead Statistical Modeling & AI/ML Ethicist, Nationwide Insurance
• Kirk Herath, Cybersecurity Strategic Advisor, State of Ohio, Adjunct Professor, CSU Law
• Brian Mannion, Chief Legal Officer, Aware
• Kirk Nahra, Co-chair Wilmer Hale Cybersecurity and Privacy and Big Data Practices

Organizations face difficult challenges when it comes to ethically informed data collection, sharing and use. There also is growing demand for incorporating ethical considerations into products and services involving big data, AI and machine learning and increasing recognition of the potential bias in them. This panel will discuss these challenges as well as emerging best practices for ethical data collection, processing and use and mitigating bias in the use of automated decision-making.

Keynote: What the Information Blocking Rules Means for You

• Deven McGraw, Lead, Data Stewardship & Data Sharing, Invitae

Hear from healthcare privacy expert Deven McGraw, who previously served as Deputy Director for Health Information Privacy at OCR, as well as Acting Chief Privacy Officer at ONC, to discuss the forthcoming information blocking rules, upcoming HIPAA overhaul, and more.

Keynote: CISA Update

• Terin Williams, Cyber Security Advisor, Department of Homeland Security – Cybersecurity & Infrastructure Security Agency (CISA)

Advisor Williams will discuss DHS and CISA’s role in bringing together critical infrastructure owner/operators with federal, state, local, and other stakeholders to maximize collaboration and minimize cyber risk in the State of Ohio.