The Cyber Risk practice of Kroll, a division of Duff & Phelps, joins over 3600 professionals from around the world for IAPP’s Global Privacy Summit 2019 in DC, one of the most anticipated privacy events of the year. Amidst the growth of regulatory requirements and increased focus on consumer privacy, Jason Smolanoff, Global Cyber Risk Practice leader, will discuss how information security leaders and senior executives may reduce their personal liability following data breaches by implementing a defensible cybersecurity strategy. Session details below:
Save Your (Cyber) Bacon – Keeping CISOs and C-Suiters Off the Witness Stand
Date: May 3, 2019
Location: Salon 3, Level M2
In the wake of the most recent wave of data breaches, the department of justice, the securities exchange commission, and a host of other state and federal regulators have initiated criminal and civil investigations into potential misconduct by the “victim” companies and their executives. As a result, c-suite executives, particularly chief information security officers, as well as other members of the company’s information security team increasingly are coming under intense scrutiny, facing legal proceedings, and becoming the targets of regulators, plaintiffs, the press, and even their own company.
On one end, executives and security professionals are losing their jobs, reputation, and even their careers, as they are easy and obvious scapegoats. On the other end, federal criminal prosecutors are taking a hard look at whether CISOs or members of their team violated criminal laws, with well-publicized criminal investigations at Yahoo!, Uber, and Equifax, that last of which has already resulted in criminal insider trading charges filed against the deputy Chief Information Officer. In short, the stakes have never been higher. As a result, information security professionals need to become more aware of the personal risks that they face, the legal landscape for incident response and security generally, and how to best protect themselves, their jobs and their careers.
- Personal liability risks to information security professionals, both civil and criminal
- Involvement in independent investigations, criminal investigations, litigation, and regulatory proceedings
- Getting your own personal legal counsel, and how to get the Company to pay for it
- Risky conduct, common pitfalls, and best practices
- Negotiating protections and indemnification during the hiring process
- Developing and implementing a defensible information security strategy
- The role cyber insurance coverage can play in transferring risk
- Jason Smolanoff – Senior Managing Director, Global Cyber Risk Practice Leader, Kroll
- Aravind Swaminathan – Global Co-Chair Cyber, Privacy & Data Innovation, Orrick
Meet the Kroll Cyber Risk Team
Kroll’s Cyber Risk practice is proud to sponsor IAPP’s Global Privacy Summit 2019. We look forward to meeting you at the Kroll exhibit both #126.
End-to-end cyber security services provided by unrivaled experts.Cyber Risk
Incident Response Management
Compliant notifications, reputation-saving remediation, and litigation support.Incident Response Management
Identity Theft and Breach Notification
Services include drafting communications, full-service mailing, alternate notifications.Identity Theft and Breach Notification
June 12-14, 2019 Philadelphia
June 3-4, 2019 Chicago