The Politics and Policy of Cyber Security: Examining Agency Agendas and Enforcement Initiatives Relative to Breach and Disruption

April 11, 2018 8:15am

Arsen Ablaev
Senior Attorney, Division of Enforcement
U.S. Securities and Exchange Commission (Chicago, IL)

Gene Fishel
Senior Assistant Attorney General and Chief of the Computer Crime Section
Office of the Virginia Attorney General (Richmond, VA)

Michael Hawes
Director of the Student Privacy Policy and Assistance Division (SPPAD)
U.S. Department of Education (Washington, DC)

Jeremy Pearlman
Assistant Attorney General Department Head Privacy and Data Security Department
Office of the Attorney General, State of Connecticut (Hartford, CT)

Eric Shiffman
Supervisory Special Agent
FBI (Chicago, IL)

Matthew Wernz
Attorney
Federal Trade Commission (Chicago, IL)

Moderator

Donna L. Wilson
Partner
Manatt, Phelps & Phillips, LLP (Los Angeles, CA)

  • Examining coordination between state and federal agencies for addressing and combating cyber attacks and data breaches
  • Anticipating federal national breach notification laws and the resulting state law pre-emption challenges
  • Analyzing the proposed NAIC model cyber security legislation
    • Examining the controversy over the proposed requirement that insurers report breaches to the Commissioner of Insurance of the state where individuals have been affected
  • Interpreting the impact of proposed federal legislation allowing businesses to fight hackers and “hack back” without any legal implications
  • Preparing for and responding to state and federal agencies’ security assessments
    • Reviewing security assessments from a cost-benefit analysis in light of different findings from various agencies
  • Identifying the type of breaches agencies are targeting
  • Assessing agency breach priorities
  • Exploring the latest fines and penalties from state and federal agencies regarding incidents of breach
  • Understanding what causes regulators to bring enforcement actions
  • Taking the appropriate steps to avoid regulatory enforcement actions