October 14 and 16, 2020
This conference brought together academics, government officials, corporate directors, in-house counsel, compliance officers, and private attorneys for an off-the-record discussion of today’s most significant challenges and risks pertaining to cybersecurity and data privacy. The conference participants offered concrete guidance on how companies and their counsel can overcome and even preempt these challenges, and more effectively manage the risks. In addition, the conference provided candid insight into the trajectory of increasing regulation and enforcement in the areas of cybersecurity and data privacy, including, in particular, by the Federal Trade Commission and the New York State Department of Financial Services. The conference included discussions of: boards’ and corporate executives’ duties and best practices in these areas; how enforcement agencies, financial services providers, and corporations collectively can address the threats posed today by the misappropriation of corporate data, including terrorism and election interference; practical guidance, and regulators’ perspectives, on how firms should be managing the cybersecurity risks carried by third-party vendors and cloud services; and the current failure of corporate and accounting rules to influence corporate behavior with respect to the accumulation, use, and retention of data that is a business resource, and whether extending corporate rules to such data might improve cybersecurity.
Conference Agenda (PDF: 4.40 MB)
- Randal Milch, Co-Chair, Center for Cybersecurity; Distinguished Fellow, Reiss Center on Law and Security; and Professor of Practice, NYU School of Law (Moderator)
- Mary Galligan, Managing Director, Deloitte & Touche
- Avi Gesser, Partner, Debevoise & Plimpton LLP
- Edward Stroz, Founder and Co-President, Aon Cyber Solutions (formerly Stroz Friedberg)
Panel 2: Board and Executive Duties and Best Practices in Cybersecurity and Data Privacy
- Judith Germano, Founder, Germano Law LLC; Distinguished Fellow, NYU Center for Cybersecurity; Senior Fellow, Reiss Center on Law and Security; and Adjunct Professor, NYU School of Law (Moderator)
- Nicole Friedlander, Partner, Sullivan & Cromwell LLP
- Thomas H. Glocer, Executive Chairman, Blue Voyant LLC; Lead Director, Morgan Stanley
- Jules Polonetsky, CEO, Future of Privacy Forum
- Myrna Soto, Chief Strategy and Trust Officer, Forcepoint
Panel 3: Present-Day Dangers of Corporate Data Misappropriation
- Andrew Weissmann, Senior Fellow, Program on Corporate Compliance and Enforcement; Distinguished Senior Fellow, Reiss Center on Law and Security; and Distinguished Senior Fellow, Center on the Administration of Criminal Law, NYU School of Law (Moderator)
- Jennifer Daskal, Professor of Law and Faculty Director, Tech, Law & Security Program, American University Washington College of Law
- Kristina Littman, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission
- Jeannie S. Rhee, Partner, Paul, Weiss, Rifkind, Wharton & Garrison LLP
- David Szuchman, Senior Vice President, Global Head of Financial Crime and Customer Protection, PayPal
Panel 4: Third Party and Cloud Risk Management
- Alicyn Cooley, Executive Director, PCCE, and Adjunct Professor of Law, NYU School of Law (Moderator)
- Kim Berger, Chief, Internet and Technology Bureau, Office of the New York State Attorney General
- Justin Shibayama Herring, Executive Deputy Superintendent, Cybersecurity Division, New York State Department of Financial Services
- Marshall L. Miller, Partner, Kaplan, Hecker & Fink LLP
- Senior Speaker, UK National Cyber Security Centre