Ransomware, Cyber Insurance, and the GC's Role: New Executive Order, Risks Related to Payment, FBI Guidance
Recording of a 90-minute CLE video webinar with Q&A
This CLE course will discuss how general counsel can assist and address a company's risk when facing a ransomware attack. The panel will discuss the executive order issued in May 2021 by the Biden administration instituting tech standards for businesses acting as government contractors to limit potential ransomware attacks. The panel will advise when and how cyber insurance can be utilized and what risks still exist when payment is made, if that possibility even exists, in light of the most recent increased attacks on Colonial Pipeline and SolarWinds.
- Ransomware history
- SolarWinds attack
- Colonial Pipeline attack
- Role and considerations of general counsel
- Payment of a ransom does not avoid other costs to the company
- Review of cyber insurance coverage
- Adjust your compliance program to the changing regulatory enforcement risks
- Biden administration Executive Order
- FBI success in Colonial Pipeline case and future enforcement actions
The panel will review these and other key topics:
- What is the history of recent ransomware attacks on U.S. companies?
- How can general counsel implement a ransomware contingency plan? When should payment be considered?
- What issues with cyber insurance should counsel consider when assessing policies?
- How is the Biden Executive Order impacting companies' ransomware preparedness policies?
- How has the recent success of the FBI in recouping the Colonial Pipeline ransom affected future attacks?
Lauren D. Godfrey, CIPP/US
Lewis Brisbois Bisgaard & Smith
Ms. Godfrey counsels clients across business sectors as to best practices in information privacy and data security. She... | Read More
Ms. Godfrey counsels clients across business sectors as to best practices in information privacy and data security. She assists clients in responding to data security incidents whether it be ransomware, business email compromises, insider threats, or protected health or financial information data breaches. As part of the firm’s rapid response team, Ms. Godfrey conducts initial assessments of the data security problem being faced by clients and facilitates those forensic and/or remediation services required to contain, analyze, investigate, and remediate the incident. Ms. Godfrey assesses the client’s consumer and regulatory notification obligations under applicable state, federal, and international laws, and assists clients with external communications such as consumer or employee notifications, regulatory reporting, and media holding statements. Ms. Godfrey possesses the ANSI-accredited Certified Information Privacy Professional/United States (CIPP/US) credential from the International Association of Privacy Professionals (IAPP).Close
Aaron K. Tantleff
Foley & Lardner
Mr. Tantleff focuses on providing legal and strategic guidance regarding information technology, outsourcing,... | Read More
Mr. Tantleff focuses on providing legal and strategic guidance regarding information technology, outsourcing, licensing, consulting, professional services, e-commerce, manufacturing, supply, and distribution agreements, as well as product acquisitions, strategic alliances, mergers and acquisitions, and private equity investments where technology and intellectual property are of significant importance. Mr. Tantleff is a frequent speaker on technology, security, privacy and outsourcing matters and is regularly quoted in The Wall Street Journal, Reuters, Politico, Fortune, and other top-tier publications on topics such as cyberattacks, privacy law developments, and data protection, including regarding the General Data Protection Regulation and Asia Pacific Cross Border Privacy Rules. Mr. Tantleff has been retained for data protection, cybersecurity, monetization of big data/IoT programs, and data breach response, remediation and simulations by companies across all industries and sizes, domestically and abroad.Close