Keeping CISOs and C-Suiters Off the Witness Stand: IAPP Global Privacy Summit

May 1 - 3, 2019 | (Conference)
Walter E. Washington Convention Center 801 Mt. Vernon Pl. NW Washington, D.C , 20001 , Countries

Incident Response Forum 2019

The Cyber Risk practice of Kroll, a division of Duff & Phelps, joins over 3600 professionals from around the world for IAPP’s Global Privacy Summit 2019 in DC, one of the most anticipated privacy events of the year. Amidst the growth of regulatory requirements and increased focus on consumer privacy, Jason Smolanoff, Global Cyber Risk Practice leader, will discuss how information security leaders and senior executives may reduce their personal liability following data breaches by implementing a defensible cybersecurity strategy. Session details below:

Save Your (Cyber) Bacon – Keeping CISOs and C-Suiters Off the Witness Stand

Date: May 3, 2019

Location: Salon 3, Level M2

Register now.

In the wake of the most recent wave of data breaches, the department of justice, the securities exchange commission, and a host of other state and federal regulators have initiated criminal and civil investigations into potential misconduct by the “victim” companies and their executives.  As a result, c-suite executives, particularly chief information security officers, as well as other members of the company’s information security team increasingly are coming under intense scrutiny, facing legal proceedings, and becoming the targets of regulators, plaintiffs, the press, and even their own company.

On one end, executives and security professionals are losing their jobs, reputation, and even their careers, as they are easy and obvious scapegoats.  On the other end, federal criminal prosecutors are taking a hard look at whether CISOs or members of their team violated criminal laws, with well-publicized criminal investigations at Yahoo!, Uber, and Equifax, that last of which has already resulted in criminal insider trading charges filed against the deputy Chief Information Officer.  In short, the stakes have never been higher.  As a result, information security professionals need to become more aware of the personal risks that they face, the legal landscape for incident response and security generally, and how to best protect themselves, their jobs and their careers. 

Key takeaways:

  • Personal liability risks to information security professionals, both civil and criminal
  • Involvement in independent investigations, criminal investigations, litigation, and regulatory proceedings
  • Getting your own personal legal counsel, and how to get the Company to pay for it
  • Risky conduct, common pitfalls, and best practices
  • Negotiating protections and indemnification during the hiring process
  • Developing and implementing a defensible information security strategy
  • The role cyber insurance coverage can play in transferring risk


  • Jason Smolanoff – Senior Managing Director, Global Cyber Risk Practice Leader, Kroll
  • Aravind Swaminathan – Global Co-Chair Cyber, Privacy & Data Innovation, Orrick

Meet the Kroll Cyber Risk Team

Kroll’s Cyber Risk practice is proud to sponsor IAPP’s Global Privacy Summit 2019. We look forward to meeting you at the Kroll exhibit both #126.

Register now.