Co-Chairs, Cybersecurity, Privacy and Data Protection Committee




TO: Dave Ehrhart, Chair, Public Contract Law Section
FROM: David Z. Bodenheimer, Susan B. Cassidy, Maureen T. Kelly, Co-Chairs, Cybersecurity, Privacy and Data Protection Committee
DATE: September 15, 2015
SUBJECT: Annual Committee Plan

As we left the annual meeting, the Cybersecurity, Privacy and Data Protection Committee planned on taking a brief hiatus in August from our regular program schedule so we could focus our efforts on preparing for what would no doubt be yet another active year for our committee. What we did not realize is that August would provide no rest for the committee. Rather, our ABA year has started off with a bang (or two really big bangs) with the issuance of OMB's proposed cyber acquisition guidance to federal agencies on August 11th ("OMB proposed cyber acquisition guidance") and the publication of a new DFARS interim rule on Network Penetration Reporting and Contracting for Cloud Services (DFARS Case 2013-D018) on August 26th ("DFARS interim rule"). If August is any indication, this new ABA year certainly will be the busiest one yet for the Cybersecurity, Privacy and Data Protection Committee.

I. Committee Meetings

We plan to continue the committee's strong record of holding regular (typically monthly) meetings that feature guest speakers and in-depth discussions of the many key legislative, regulatory, and policy developments in the cybersecurity/privacy arena. Our committee does not face a shortage of ideas for potential topics or panelists, including many Government representatives, for this coming year's committee meeting schedule. Given the serious and evolving nature of the cyber threats faced by the U.S. Government and the contracting community, the regulatory changes that have already been implemented and proposed, and the additional regulatory, statutory, and policy changes anticipated in the cybersecurity area, we need to remain somewhat agile to deal with emerging developments. Indeed, the committee has already held two (2) unplanned meetings to discuss, and to solicit volunteers to participate in preparing comments on, the OMB proposed cyber acquisition guidance and the DFARS interim rule.

Meetings Already Held or Announced

A. August 17, 2015 Special Meeting
Previously unscheduled telephonic meeting to discuss OMB proposed cyber acquisition guidance to federal agencies and to solicit ideas and volunteers for ABA PCLS comments. Discussion led by Susan Cassidy and Maureen Kelly.

B. September 1, 2015 Special Meeting
Previously unscheduled telephonic meeting to provide an overview of the DFARS Interim Rule on Network Penetration Reporting and Contracting for Cloud Services (DFARS Case 2013-D018) and to solicit ideas and volunteers for ABA PCLS comments in response to the Interim Rule. An overview of the Interim Rule was prepared and discussion led by Susan Cassidy and Maureen Kelly.

C. September 14, 2015 Meeting
Our first regularly scheduled meeting of the year will be held in person at Crowell & Moring's DC office and available telephonically. David Bodenheimer will host a discussion on "Information Security, Privacy and the Government Accountability Office: Perspectives on Risks, Requirements, and Emerging Issues in the Public Sector" featuring Gregory C. Wilshusen, the GAO Director of Information Security Issues. Seventy-five people have pre-registered for this event.

D. September 14, 2015 Vice Chair Meeting
The co-chairs will meet with the committee's vice chairs immediately after our full committee's meeting to (i) discuss this Annual Plan and (ii) firm up each Vice Chair's commitment regarding his/her participation for this ABA year.

E. October 14, 2015 Event
The Committee, along with the ABA Cybersecurity Legal Task Force and multiple Science & Technology Law (SciTech) Section Committees (Homeland Security Committee, eprivacy Committee, Privacy and Computer Crime Committee, Information Security Committee, Cloud Computing Committee, the Internet of Things Committee), and the Young Lawyers Division are cosponsoring a joint program focusing on legal careers in cybersecurity, privacy, and information law. This second annual evening event, entitled "Legal Careers in Cybersecurity, Privacy, & Information Law: An Evening of Networking and Discussions with the Experts on How They Arrived," is again being hosted by Crowell & Moring and moderated by David Bodenheimer. We have invited DC-area law school students (Georgetown, George Washington, Howard, American, Catholic, George Mason, and Maryland) interested in pursuing a legal career in cybersecurity, privacy and information law. We expect approximately 60 law students to attend, network, and meet with ABA leaders and information law experts at this reception. We will send a separate invitation to PCLS leadership and would welcome any participation.

Other Future Meetings:

We are currently in various stages of planning of other meetings for the coming year including:

o Our second annual meeting featuring "ABA Young Leaders on the Frontiers of Cybersecurity, Privacy, and Information Law: Rapid-Fire Retrospectives on 2015 and Predictions for 2016"
o Our fourth annual January meeting featuring a roster of in-house corporate counsel providing their perspectives on cybersecurity for the coming year
o Our second annual February meeting featuring a roster of Government personnel on the front lines of working cyber issues in the Government

We also expect to co-sponsor a program with the ABA SciTech committees on "Meet the NIST Experts on Cybersecurity and Privacy" with invitations to be made to Ron Ross, Naomi Lefkowitz, and Jon Boyens. The target date will depend upon availability of the speakers and the forum.

Kier Bancroft of Venable, one of our active Vice Chairs, has proposed that we conduct a joint meeting with the Subcontracting, Teaming, and Strategic Alliances Committee to explore the many issues associated with the flow down of cyber requirements to subcontractors and suppliers, including incident reporting requirements and the applicability to commercial item providers. Kier will lead the efforts to arrange this meeting.

Other meeting topics currently under active consideration include:

o DoJ's recent cyber initiatives
o Impact of DFARS interim rule (and upcoming FAR rule)
o Cyber Incident Response plans and playbooks
o Government Chief Privacy Officers
o Insider Threat
o Congressional cyber initiatives
o Intersection of cyber initiatives with HIPAA

II. Communications

In anticipation of this year, we evaluated the effectiveness of our two primary methods of communication with committee members, i.e., our email communications, mostly regarding upcoming events, and our committee's website.

With respect to our email communications, we have updated our format for meeting announcements from a standard email text to a new, more user-friendly format featuring the PCLS logo and bulleted highlights. We also have reconciled the email list to the latest version of the official ABA committee list received from Patty Stanton.

We also decided to stop creating a monthly listing of key cyber/privacy articles, which was underutilized. Instead, Patrick Stanton of Covington Burling, the primary author of that feature for the last couple of years, now leads a team of some of our younger members who will issue short, timely alerts of new developments. Patrick and the new alert team members (Erin Sheppard of Dentons, Kate Growley of Crowell & Moring and Oliya Zamaray of Rogers, Joseph, O'Donnell) developed a schedule where one of them is responsible each month for preparing alerts about important breaking developments. Just after this new team was formed (and before the monthly schedule was finalized), Kate Growley became the author of the first alert, announcing that the DFARS interim rule would be published the next day after she uncovered that fact.

One other area we will take another fresh look at this year is our website. While we updated the site approximately 18 months ago and do add materials to it regularly, the site's format remains awkward. We also believe the site is underutilized. Catlin Meade of Covington Burling, who has been responsible for the site in the recent past and is also our liaison to the technical committee, will engage with that committee to see how we can improve the site.

III. Liaisons

The Committee has been active the past couple of years in pursuing a diverse leadership, including by hosting events that feature some of our younger members and Government lawyers. Early in 2015, we held our first meeting featuring the perspective of some of the key Government lawyers and other cyber experts, which directly led to greater collaboration as evidenced by our subsequent meeting featuring DHS initiatives. We intend to hold a similar meeting this year and also feature panels focusing on at least two different agencies' initiatives. This year we are again co-hosting an event that invites top students from Washington DC-area law schools to hear how leading lawyers in cyber, privacy and information law started in this area. Our events tend to be very well attended and attract a wide array of interested parties. We hope to leverage our expanding audience to diversify our leadership and membership.

Our Committee's liaisons for this year will be:

A. Membership and Diversity Outreach Committee: Kier Bancroft
B. Young Lawyers Committee: Oliya Zamaray
C. Technology and Electronic Committee: Catlin Meade
D. Publications Board: TBD
E. Federal, State and Local Attorneys Committee: TBD

IV. Committee Reports

Each co-chair will take the lead in preparing the Committee Reports for the three Council Meetings and ensuring timely submission. The co-chair responsible for each report is designated below.

o November 2015 (due October 1, 2015) -- David Bodenheimer
o March 2016 FPI (due January 30, 2015) -- Susan Cassidy
o August 2016 Annual Meeting (due June 24) -- Maureen Kelly

V. Comment Letters

Multiple new cyber and privacy-related regulations and policies are anticipated this year. As a result, the committee will be extremely busy preparing comments on these regulatory and policy developments, as evidenced by the two efforts already kicked off:

A. OMB Proposed Guidance: The committee prepared comments on OMB's proposed cyber acquisition guidance to federal agencies, which was released online on August 11th. The comments were posted online on September 10th.

B. DFARS Interim Rule: The committee has started the process of preparing comments on the DFARS interim rule published on August 26, 2015. There is significant interest in the rule as evidenced by the fact that over 30 individuals attended the quickly arranged meeting on this topic and approximately 13 have expressed an interest in participating in the preparation of the comments. Our goal is to have an initial outline of the comments completed by September 21st. The comments are due by October 26, 2015.

Of particular note, a new FAR cyber rule is expected after finalization of the OMB guidance this fall and a final rule on CUI is also expected this fall.

VI. Succession Planning

It is our intent to begin implementing succession planning that will follow the Section's guidelines that Co-Chairs move on after approximately three years. Because this Committee is so active, we believe it is critical that this Committee have three active Co-Chairs, with two of them having at least one year of experience. Susan Cassidy joined us this year to replace Annejanette Pickens. David Bodenheimer intends to step down this coming year as he becomes Chair-Elect for the SciTech Section. Maureen Kelly plans to step down the following year. We have announced this intent to our current Vice-Chairs and intend to be transparent about our succession planning with all active members.

We believe that it is crucial that we refresh our current list of Vice Chairs to find and develop new potential leads for the Committee to avoid having to look for candidates outside of our current Vice Chairs for our succession plan to succeed. We currently have 19 Vice Chairs, a number of whom are not currently active in the Committee. We concur that the selection of future Co-Chairs and Vice Chairs should be based on such factors as who among Committee members is contributing regularly and meaningfully, who demonstrates commitment to the position and ability to organize Committee activities and written product, logistics (including the ability to host meetings), diversity, and issues of balanced constituency (government, in-house, private bar).

To this end, emphasizing our focus on succession planning, we have asked each current Vice Chair to specify his/her firm commitment to lead at least one specific activity or initiative for the Committee this year. We have advised the current Vice Chairs that if they are unable to make such a commitment we will be asking them to step down to make room for new leaders that are currently more active in the Committee. We will be contacting Section Leadership to make changes in the roster once we have completed this process.