24 - 25 November, 2015 | ILEC Conference Centre and Ibis London Earls Court, London, United Kingdom

Cyber for General Counsel Day 2

08:30 - 08:50 Registration & Coffee

08:50 - 09:00 Chair's Welcome

09:00 - 09:40 Keynote Panel Discussion: Cybersecurity and Privacy – Public and Private Sectors' Standpoints

In this Keynote Panel discussion, we bring together those in both the Public and the Private Sector to discuss their challenges and concerns over Cyber Security and Privacy, and how the two areas can utilize learning from each other.
  • The role and importance of privacy protections
  • Building information sharing between public and private sectors – how can this be encouraged?
  • Litigation & enforcement – recent developments in both sectors

09:40 - 10:20 The Intersection of Privacy, Security and E-Discovery

The headlines of high profile cyber-attacks affecting some of the largest organisations continue to raise the stakes for corporate cyber security efforts. Developments in the legislative, judicial, and regulatory cyber security spheres implicate every aspect of an organisation's infrastructure, including and especially the legal implications. At the same time, the balancing act between privacy, security, and e-discovery continues to evolve across Europe. This session discusses the many facets of these issues.

10:20 - 11:00 Panel Discussion: International E-Discovery – Data Protection, Privacy, and Cross-Border Issues

This panel of e-discovery and e-disclosure experts will discuss the current state of cross-border data transfer laws, revisions to the EU Data Protection Directive and best practices for navigating these complicated waters.

11:00 - 11:30 Tech Demo & Networking Break

11:30 - 12:10 Outsourcing Big Data to the Cloud

A hot topic of debate for IT and Legal teams alike, there is some disparity between the apparent benefits of utilising the Cloud and the uptake within large organisations. What factors should be taken into consideration when reviewing your data storage from a legal perspective?
  • Data Privacy regulation considerations
  • Negotiating up front as to Incident Response
  • Cross border data transfer for offshore servers
  • Export Controls and economic sanctions Issues

12:10 - 12:50 Enterprise Risk Management – The Legal Blackhole?

A key concern for all General Counsel should be whether the organisation’s Enterprise Risk Management programme has considered all relevant cybersecurity risks including legal and policy risks. With the rise of BYOD, it is even more important for GCs to be on top of the types of devices available to the company, from the outset.

Here we look at the various implications of enterprise and BYOD, and how to mitigate that risk from a legal perspective.

12:50 - 14:00 Tech Demo & Networking Lunch

14:00 - 14:40 Leader Session: The Legalities of Forensic Investigations of Hacking Incidents

Investigation of hacking incidents often requires combining the efforts of different technologies. Network forensics is one of the components in the process of finding compromised hosts, and capturing and reconstructing malicious sessions – but how far can you delve before running into legal data use issues and employee privacy laws?

14:40 - 15:20 Roundtable Sessions: Facing the Breach - Preparing to Handle Incidents and Crisis

No security programme is perfect; incidents will take place. The key to handling them well is preparation that can prevent an incident from becoming a crisis. General Counsel are an essential part of a security response team and should participate and help guide periodic tabletop sessions that help prepare the organization. Legal-specific issues that bear advance planning include considering when and how the attorney-client privilege will be asserted in the event of an incident and how incident documentation will occur and be retained.

In this interactive tabletop session, you’ll be guided through the key milestones to creating a solid plan for handling a breach including -
  • Identifying legal counsel to participate in and counsel the incident response team and process.
  • Being familiar with cybersecurity concepts, fact patterns, and terms in relation to the organization structure.
  • Identifying and qualifying further key internal and external resources (e.g., forensics, outside counsel, communications).
  • Ensuring the team and process are exercised regularly to prepare for incidents.
  • Regularly engaging senior management in a training exercises

15:20 - 15:50 Tech Demo & Networking Break

15:50 - 16:30 Panel Discussion: User Education and Policy Building

Many Legal Professionals overlook the impact they can have on the way the business puts in place their User Policies, leaving that element to HR teams – here we will hear from a panel of experts on the way the education and policy building with a business can mitigate your risk and be built in as a valuable addition your IT strategy, and the support Legal functions can give to building robust user policies.

16:30 - 23:59 End of Day 2 and Close of Conference