Cyber-attacks – What to do While (and Before) They Happen?

What happens if you are victim of a cyber-attack? The threat of a cyber attack is real, weather your organization is large or small, whether you are a multinational or a small business, a law firm or a financial institution.
As a business executive you have a diligence duty to prepare and ideally prevent cyber attacks on your systems/IT infrastructure. If you don’t stay on top of your organizations cyber risk, the damage goes beyond your regular IT headaches. You can face fines and reputational damage and loss of business.This seminar will provide you with hands on tips, best practice on how to fight off an attack. You will hear about the recent tricks hackers are using both in Europe and in the US and policy changes you and your team need to be aware of.

Our panel will introduce you the transatlantic regulations, necessary preventative/preparatory actions, incident management procedures, as well as damage mitigation practices. You will hear about most common cases, do’s and don’ts, practical steps, some success stories, and much more.

AGENDA:
1. The risk is already out there…
• Recent cyber incidents / data breach cases
• Relevance of cyber risks from high-level risk management perspective
• A Closer look
> What attackers may target
> Who may be behind an attack
> How an attack may look like
> How an attack may begin
> What may be the consequences of an attack: operational, financial, reputational damage

2. Managing legal risks in a constantly developing regulatory landscape
• Direct vs. indirect regulation
> Direct regulation: focus on personal data and critical infrastructure
> Indirect regulation: e.g., violation of contractual obligations
• [EU] Preventive obligations vs. incident-related obligations
> “Appropriate technical & organizational measures”
> Notification of regulators
> Notification of data subjects
• Consequences of non-compliance

3. Best practice – resilience & readiness
• Asset/information mapping
• Set up incident emergency plan
> Definition of incident response team incl. external support
> Incident response plan
> Technical incident readiness (technical fallback for IRT communication)
• Emergency drills & continuous improvement

SPEAKERS:
• Michael Biendl, Counsel, CMS
• Joseph DeMarco, Partner, DeMarco Law
• Robert Gardner, Founder, NWTP
• Michael Kamps, Partner, CMS
• Yvonne Bendinger-Rothschild, Executive Director, EACCNY [Moderator]

TIME:
8:30 – 9:00 AM Check-in | 9:00 – 10:00 AM Program | 10:00 – 10:30 AM Networking

REGISTRATION FEE:
EACCNY Members: Free
EACCNY non-Members: Free

COVID PROTOCOL:
Proof of Covid-19 vaccination is required to attend.