Cyber Security Breaches: Consequences for Your Firm in 2016 and Beyond
Many businesses and organizations will continue to be at great risk of losing large amounts of confidential data to well organized and sophisticated cyber criminals. Such breaches will have serious financial, legal, regulatory, and reputational consequences.
Breaches of information security and individual privacy continue to increase in severity and frequency. In 2014, several companies were cracked* and many more hacked. In August 2014, a breach of Community Health Records resulted in theft of 4.5 million records of patients, and in November 2014, Staples, Inc. was cracked resulting in the theft of 1.2 million credit and debit card records.
Fundamentally, these breaches represent a lack of education of the public regarding basic security, a lack of diligence of companies regarding their own and their customer’s security, and the sophistication of crackers many of whom increasingly are part of sophisticated national and international criminal groups.
Cyber security risks include new malware in older computer code, such as Heartbleed / OpenSSL and Shellshock / Bash, exploitable flaws in the IPv6 protocol, rootkits, bootkits, and bots (which the US government uses to spy on the public), espionage ware, ransomware, third party attacks, and malvertising. Crackers and state sponsored or politically motivated attackers also will continue to use more sophisticated methods of evasion and diversion. At risk of attack are Mobile to Mobile communications in automated industries like power generation and oil or gas extraction, new wearable technologies, infrastructure of The Internet of Things, big data and analytics servers (‘salami attacks’), cloud services, mobile technology, social networks, retail sales and payment systems (ATM), open source software, and web technology. In addition, anonymous data being collected through social networks, security cameras, creditcard transactions, and other means can be united sufficiently to pose a threat to individuals, corporations, and governments. However, a significant and rapidly emerging risk is the Personally Identifiable Information (PII) stored by healthcare organizations.
In a two hour LIVE Webcast, a panel of thought leaders and professionals assembled by The Knowledge Group will discuss the methods used in Cyber Security Breaches with emphasis upon the Consequences for Your Firm in 2015 and beyond. In addition, speakers will provide insight into the latest trends and best practices in mitigating and dealing with Cyber Security Breaches.
* Cracker – A computer hacker who carries out illegal and malicious breach of computer systems to steal or damage property.
Key topics include:
- Growth and Development of Cyber Security Breaches
- Understanding the Goals of Breach Perpetrators
- Understanding the Principal Cyber Security Vulnerabilities
- Cyber Security Breach Methods of Attack
- Understanding the Real Financial, Legal, and Reputational Risks of a Breach
- How to Identify Your Particular Breach Vulnerabilities and Risks
- How to Best Reduce Your Risks From A Breach
- Avoiding Common Failures & Pitfalls
- Overview and Direction of Cyber Security Litigation
Joseph M. Burton, Partner
Duane Morris LLP
- What Are The Three Most Important Cybersecurity Concepts That Business Leaders Must Understand and Embrace?
- What Are The Seven Most Critical Actions Businesses Must Take To Achieve Legally Defensible Cybersecurity?
- Cybersecurity Breach Litigation: Is There Anything To Worry About?
Timothy Harkness, Partner
Freshfields Bruckhaus Deringer US LLP
- Board responsibility for cyber security
- International approaches to cyber security
- Law enforcement involvement in the cyber security issues of private companies
Jon C. Stanley, Counsel
Verrill Dana LLP
- What is new in Cyber Security Breach Response? Vermont AG most recent actions? Outlier, or shapes of things to come?
- The numbers say files breach in the last year have soared? Let’s assume this is true for the moment. If so, has there been a corresponding increase in ID Theft? Credit card fraud? If no, why not? What might they be after?
- In the wake of increased cyber insurance coverage who will run the legal team in a breach response? Victim’s legal team? Insurance counsel? Who decides? What are the variables in the decision?
Serge Jorgensen, President and Founding Partner
The Sylint Group
- Who are the Attackers
- Types of Attacks – how and why
- Law Firms as Targets
Who Should Attend:
- Cyber Security Lawyers
- Cyber Security Professionals
- Top Level Management
- Data Privacy Officers
- Private and Public Companies
- Legal Counsel
- Cyber Security Professionals
- Other Related/Interested Professionals and Organizations
Tim represents clients in complex commercial litigation and frequently counsels global clients about US legal risks. He has played prominent roles in major cases involving international financial service and accounting firms in securities fraud cases, hedge fund-related litigation, commercial disputes and before bankruptcy courts. Professional services and private equity firms, manufacturers and media companies call upon Tim’s knowledge and experience in commercial arbitrations and civil litigation arising from claims of fraud, breach of contract, malpractice, and veil piercing.
Tim represents clients in complex commercial litigation and frequently counsels global clients about US legal risks. He has played prominent …
Joseph M. Burton is a Partner in, and the former Managing Partner for, the San Francisco Office of Duane Morris LLP. He is a nationally recognized legal expert on issues of Data Security. He brings more than 25 years of experience to handling the full range of issues which may arise from any civil or criminal Data Security matter. This deep background and experience allows him to (1) assist individuals and businesses to understand and properly exercise their rights and responsibilities regarding the security of digital information; (2) provide advice concerning all aspects of the prevention, detection, investigation, and response to data breaches and other cybersecurity incidents and ; (3) provide advice regarding compliance with statutory, regulatory, and contractual requirements related to Data Security and privacy.
Joseph M. Burton is a Partner in, and the former Managing Partner for, the San Francisco Office of Duane Morris …
For the past 20 years, Jon Stanley has counseled clients on a wide range of risk management and cybersecurity issues, including: compliance with relevant international, federal and state laws and regulations, government and industry standards (such as NIST and PCI), authentication, Public Key Infrastructure, identify theft and security breaches. His clients have included the State of Maine, major financial institutions, including: Financial Services Technology Consortium (FSTC); Japan’s Ministry of Economy, Trade and Industry; a number of technology startups: CNA Insurance; and health care sector vendors, nationwide.
Jon earned his J.D. from University of Maine, and he has a Master’s in Law from the University of Strathclyde, in Scotland, where his dissertation topic was “Civil Remedies: The United States Computer Fraud and Abuse Act.”
For the past 20 years, Jon Stanley has counseled clients on a wide range of risk management and cybersecurity issues, …
Serge Jorgensen is President and a founding partner of The Sylint Group. He provides technical development and guidance in the areas of Computer Security, Counter Cyber-Warfare, eDiscovery, System Design and Incident Response. Mr. Jorgensen is a patented inventor in engineering and math-related fields. Prior to co-founding The Sylint Group, Mr. Jorgensen ran the Research and Development Department for Locast Corporation developing a HIPAA-compliant patient location- and status-tracking device. Since co-founding Sylint, Mr. Jorgensen has, among his other accomplishments, directed development of DNS (Dynamic Name Server) tracking applications, provided response and remediation guidance to multi-billion dollar international espionage and cyber-security attacks, and directed, tasked and managed multi-million dollar litigation, forensic and electronic discovery efforts.
Serge Jorgensen is President and a founding partner of The Sylint Group. He provides technical development and guidance in the …
Print and review course materials
Method of Presentation:
On-demand Webcast (CLE)
NASBA Field of Study:
Specialized Knowledge and Applications
NY Category of CLE Credit:
2.0 CPE (Not eligible for QAS (On-demand) CPE credits)
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About Freshfields Bruckhaus Deringer US LLP
Freshfields is a leader among international law firms, having handled some of the most complex and groundbreaking global transactions in recent years. With more than 2,700 lawyers in 27 key business centers throughout the United States, Europe, Asia, Latin America and the Middle East, the firm provides a comprehensive service to national and multinational corporations, financial institutions and governments. Since 2009 we have worked on cross-border deals worth in excess of $690bn, more than any other law firm in the world.
In the United States, we focus on our firm’s core transactional and dispute resolution strengths, including corporate, antitrust, capital markets, finance and tax, as well as white collar, commercial and securities litigation and international arbitration. We have more than 200 lawyers based in the United States and more than 225 US-qualified lawyers working in our offices around the world.
About Duane Morris LLP
Duane Morris LLP, a law firm with more than 700 attorneys in offices across the United States and internationally, is asked by a broad array of clients to provide innovative solutions to today’s legal and business challenges.
About Verrill Dana LLP
Verrill Dana is a full service law firm with more than 130 attorneys and a growing number of service-based practice groups. The firm has a regional presence in the Northeast, with offices from Maine to Washington, D.C., allowing it to serve clients with interests across the country and around the world. Through scalable staffing, careful communication and skillful project management, Verrill Dana helps individuals and businesses achieve their goals in a manner that suits their unique legal needs and preferred work methods.
Verrill Dana embraces the principles behind the Association of Corporate Counsel Value Challenge. It is committed to providing value-driven, quality legal services and practical solutions in a cost-effective manner. Its lawyers are not satisfied being only quality service providers. They strive to earn the status of trusted counsel, advocates and allies in their clients' success.
About The Sylint Group
The Sylint Group, Inc. provides leading edge expert services in Cyber Security, Digital Data Forensics and eDiscovery. Our team is made up of experts from the National Security Agency (NSA), Department of Defense, law enforcement, industry experts and patent-holding engineering staff specializing in computer forensics, software, electronic and computer engineering. Sylint’s group of engineering and investigative professionals is headquartered in Sarasota, Florida, with other locations in California.