AGENDA    12:45 | Registration
1:45 | Welcome & Opening Remarks  2:00 | THE PUBLIC-PRIVATE PARTNERSHIP
HOW IT WORKS . . . OR SHOULD!

“Cooperation between the public and private sectors is an essential aspect of our national cybersecurity strategy,” reads a recent blog post for Penn Wharton at the University of Pennsylvania.  “Cybersecurity [Public-Private Partnerships (PPPs)] must be based on a foundation of mutual trust, and open dialogue between private companies and the government can help to ameliorate some of the reluctance in the private sector. Moreover, by clarifying the regulatory framework surrounding cybersecurity, the government can better assuage private companies’ hesitations to reach out to the government in the event of an attack. By addressing these concerns, cybersecurity PPPs can work to develop strategies for risk management and information sharing, and both the private sector and the government will be better equipped to handle future cyberthreats.” That’s the impetus behind our kick-off session with a speaker who is uniquely qualified to address the issue.

Speaker
Jamil Jaffer, VP Strategy & Business Development, IronNet Cybersecurity, formerly served as counsel to the White House, Senate and U.S. Department of Justice

2:20 | THE URGENCY OF CYBER THREATS TO U.S.
& GLOBAL CRITICAL INFRASTRUCTURES 

“The electric grid and most infrastructure we have is actually fairly well built for reliability and safety,” writer Jesse Dunietz said in Scientific America. However, he continued, “That safety and reliability has never been thought of from a cybersecurity perspective . . .  [O]ur adversaries are getting much more aggressive. They’re learning a lot about our industrial systems, not just from a computer technology standpoint but from an industrial engineering standpoint, thinking about how to disrupt or maybe even destroy equipment. That’s where you start reaching some particularly alarming scenarios.” 

What we will cover: 
Nuclear power plants and the electricity power grid
Chemical manufacture and distribution
Telecommunications
Shipping: threats to ports
Transportation
Financial services
Water supplies

Plus
State-sponsored cyber attacks

Speakers
Vincent J. Vitkowsky, Partner, Seiger Gfeller Laurie LLP, has served as Adjunct Fellow at the Center for Law and Counterterrorism
Megan L. Brown, Partner, Wiley Rein LLP, formerly with the U.S. Department of Justice
Helena Korobko, Technical Account Executive, Sprint
Jacob Dorval, Global Services Product Lead, RSA NetWitness Suite, RSA Security, formerly Network Intelligence Analyst with the U.S. Air Force
Gus P. Coldebella, Partner, Fish & Richardson, former acting General Counsel, U.S. Department of Homeland Security

3:15 | IDENTIFYING, UNDERSTANDING AND LIMITING
YOUR LEGAL VULNERABILITIES 

When any part of our critical infrastructure goes down, the ramifications go way beyond having to find your flashlight. How will your organization deliver goods and services? How will you guard your data? How will your operations be crippled? What liabilities will you face from customers, suppliers, and government agencies? 

What we will cover:  
Third-party claims
Physical damage
Bodily injury claims
Supply chain disruption
Business interruption claims
Regulator and compliance claims
Insurance coverage for liabilities and damage resulting from attacks 

Plus
Unique risks when converting from legacy systems
Effective crisis communication

Speakers
Edward (Ted) Brown, Associate, Wiley Rein
Michael Phillips, Tech, E&O & Cyber Claims Manager, Beazley
Jordan L. Fischer, Partner, Xpan Law
Melanie Dougherty, Managing Director, Inform

4:15 | Break 

4:45 | CASES IN POINT:
LESSONS LEARNED FROM RECENT ATTACKS & MISHAPS

In a post by Willis Towers Watson, The [WannaCry ransomware] attack first came to light mid-afternoon in the U.K. on May 12 and then spread across the globe, affecting computers in China, France, Germany, Japan, Russia, Spain and the U.S.  The attack also impacted many industries, including health care providers (mainly hospitals), manufacturing, telecommunications, utilities, logistics, transportation and educational facilities.” 

What we will cover: 
Understanding malware and ransomware attacks.
How were these and other attacks executed?
What vulnerabilities were exploited?
How were these attacks halted?
Confronting ransomware: insurance perspectives

Daniel B. Garrie, Neutral at JAMS; Managing Partner at Law and Forensics; and
CISO at Zeichner Ellman & Krause
Elad Yoran, CEO, Security Growth Partners; Executive Chairman, KoolSpan
David Cass, CISO, Cloud & SaaS Operational Services, IBM
Richard J. Bortnick, Senior Counsel, Traub Lieberman Straus & Shrewsberry LLP
Tamara Snowdon, Senior Vice President, Cyber and E&O Practice, Marsh USA Inc., FINPRO

5:30 | PREVENTING & MITIGATING THE DAMAGE

In a post for the Cyber Security Law & Policy blog, writer Ryan White wrote that President Trump’s announced strategy “acknowledges the threats that exist to critical infrastructure, federal networks, and security for both businesses and individuals in the private sector.  The strategy identifies the nation’s cyber capabilities as determinative of its future: ‘America’s response to the challenges and opportunities of the cyber era will determine our future prosperity and security.’ The priority actions are: Identify and Prioritize Risk; Build Defensible Government Networks; Deter and Disrupt Malicious Cyber Actors; Improve Information Sharing and Sensing; Deploy Layered Defenses. All of those are laudable goals and logically sound steps to achieving cyber security. But, it is much easier said than done.”

Donald R. Codling, Codling Group International, former Unit Chief, FBI Cyber Division
Matthew Majkut, Director Privacy & Cybersecurity, Paul Hastings, Also visiting professor at Fitchburg State University; formerly with IBM
Jeff Tutton, MSc., QSA, CCFE, President, Global Security & Compliance Intersec Worldwide, Inc.

What we will cover: 
How to identify and prioritize risks
Building more defensible networks
Improving information sharing and sensing
Testing incident response and back-up plans
Recovering from attacks

6:15 | Adjourn