Law Firm Cyber Risk Conference: Addressing the Issues from the Top Down

Transcription

1 Program Organizer: Please join us for a NEW Invitation Only Law Firm Cyber Risk Conference: Addressing the Issues from the Top Down Role of Firm Leadership, IT, COO, General Counsel Data Breaches Identification & Investigation Notification Issues, Internal & External Incident Response Strategies Working with Clients, the Government Wednesday, May 29, :00 a.m. 12:30 p.m. The Yale Club 50 Vanderbilt Avenue New York City Sponsor:

2 Law Firms: Highly Vulnerable Targets Revising Your Strategy to be Prepared and Responsive, Acting Decisively and Promptly Add to the top of your risk list: data thieves. Increasingly, hackers and intruders, both internal and external, have realized that law firms may be the soft underbelly of the system. Therein lies opportunity for the criminally inclined and a complicated set of new challenges for those charged with dealing with clients and protecting their firms sensitive information. Cyber Security is not just an IT issue anymore. It requires the attention of senior legal leadership and business executives and, also, early interdiction by the team to protect clients, employees, partners, third parties, and the firm. This update is the first to address these issues from the top down. We have specifically tailored the agenda to analyze particular, often unique, issues law firms must face including: The business model of a law firm is based on leveraging the work product from old matters to new situations. This open access and sharing are a potential information security weakness. They run counter to sound information practices. How do you respond to this challenge? What is the best governance structure to deal with cyber security incidents and response? Notification issues/strategies (47 states have breach notification laws) What is the appropriate trigger for notifying a client, all clients, one or more partners, third parties, and law enforcement? What should be the mechanism for notification? What strategy should you pursue for dealing with the increasing number of client security provisions built into fee arrangements? Should you work with a security company to investigate, assess, and suggest solutions? What do the lawyer leaders at the firm need to know about a breach or hack? Case Studies: A strengthening market means firms are seeing transactions and mergers in greater number and size and receiving more company data. How do cyber intrusion threats affect due diligence, negotiations, contract terms, etc.? In the financial services sector, which has expressed concerns about law firms being the weak link in the security chain, how should you deal with client security requests and potential legal liability questions? Firms increasingly are receiving lengthy questionnaires about firm IT practices and asked for certifications on policies and protocols. How should you respond to these audits? Who Should Attend? Chairman, Managing Partners, Executive Committee Members, Partner Heads of Technology Committee, Risk Committee, IP, Litigation Practice Group Leaders, COO, Executive Directors, CTO, CIO, General Counsel

3 FROM THE GOVERNMENT: Judith H. Germano, Chief, Economic Crimes Unit, Assistant U.S. Attorney, U.S. Attorney s Office, District of New Jersey, Department of Justice, Newark, NJ PANELISTS: Andreas M. Antoniou, Chief Information Officer, Paul, Weiss, Rifkind, Wharton & Garrison, NYC Mitchell J. Auslander, Partner, Chairman of Risk Committee, Willkie Farr & Gallagher, NYC Lawrence J. Bracken II, Partner, Hunton & Williams, Atlanta Bob Bratt, Chief Operating Officer and Executive Director, U.S. Operations, DLA Piper, Washington D.C. Dave Canfield, Managing Director Client Solutions, UnitedLex, NYC James A. Harvey, Partner, Head of Technology, Privacy & IP Transactions Group, Alston & Bird, Washington D.C. Don Jaycox, Chief Information Officer, Americas, DLA Piper, San Diego Stuart D. Levi, Partner, Chairman of Technology Committee, Skadden, NYC Alan Charles Raul, Partner, Sidley Austin, Washington D.C. William Wynne, Jr., Partner, Chairman of Risk Management Committee, White & Case, NYC PROGRAM HIGHLIGHTS: 8:30 9:00 a.m. Breakfast & Registration; 9:00 a.m. 12:30 p.m. Program A. Defining Cyber Crime in the Law Firm Context: Data Breaches, Hacking, Trade Secrets B. Who and What Types of Threats Are Most Significant The View from the U.S. Attorney s Office 1. How to separate the serious threats from the mere annoyances 2. Threats externally and within your organization 3. Economic espionage 4. State sponsored attacks C. Firm Governance: To what extent should law firm leadership be involved/informed of cyber risk? Cyber security incident response? D. What is an effective strategy for dealing with the increasing number of client security provisions and questionnaires built into contractual requirements? E. Incident Response Strategies 1. Notification Issues/Strategies: What is the trigger for notifying a client of a security incident? All clients? One or more partners? Law enforcement? What is the notification mechanism? 2. What does a successful response to a cyber attack look like? 3. Who is included in responding; who is on the team internally; how long does it take? 4. How do you determine the objective of an attack? 5. Liability Insurance F. Risk Management Oversight including Training, Outside Consultants G. Working with Clients 1. Strategies for protecting sensitive data 2. How to curtail losses clients might suffer 3. As the deal market strengthens with greater number and size of transactions firms have more company data. How does a cyber intrusion affect due diligence, negotiations, contracts 4. Law firm as third party; Policies, protocols, assessments, certifications, and questionnaires H. Working with the Government 1. At what point do you involve the Government? 2. Lessons to be learned and information sharing I. Intellectual Property Issues 1. Data protection 2. Privacy considerations with clients, firm partners and staff 3. Cyber Security Concerns 4. Special issues including Bring Your Own Device (BYOD). Firm Policies and Protocols J. Ethical Issues

4 LAW FIRM CYBER RISK CONFERENCE Wednesday, May 29, 2013, New York; 9:00 a.m. 12:30 p.m. The Yale Club of New York, 50 Vanderbilt Avenue, New York TO REGISTER: E MAIL HULisaColombo@sandpiperpartners.comUH, PHONE , or FAX or MAIL Sandpiper Partners LLC, 855 Valley Road, Suite 209, Clifton, NJ Name: Position: Firm: Address: City: State: Zip: Phone: **REGISTER VIA E MAIL & SAVE $50 OFF REGISTRATION PRICE** Fee: $495 (includes educational meeting, materials, breakfast, coffee break). Registration fee must be paid in advance, by May 22, Method of Payment: (Please check your preferred method) Check (payable to Sandpiper Partners LLC) Credit Card: AMEX Visa MasterCard Card Number Expiration Date Billing Address Signature Cancellations: The deadline for cancellations is Wednesday, May 22, 2013, 4 p.m. ET. A refund, less an administration charge of $100, will be given. After this date, no refunds will be made. Substitutions may be made at any time. CLE credit including ethics credit has been applied for. Conference Organizer Sandpiper Partners is a consulting firm run by highly successful entrepreneurs, Lynn and Stephen Glasser, who have decades of experience producing business of law, educational events, surveys, publications and solutions for law firms. The Glassers designed and implemented the first ever Executive MBA for Law Firm Managers. Sandpiper Partners has organized and presented a series of groundbreaking conferences on cyber crime and the cyber threat landscape for the business community. HUwww.sandpiperpartners.comUHU. Sponsor If you no longer wish to receive these s, please reply to this message with "Unsubscribe" in the subject line or message body or please send a letter including your name, request for discontinuance, and address to: Sandpiper Partners LLC, 855 Valley Road, Second Floor, Clifton, NJ

5