Cyber Risk Quantification and its Use Cases and The Ransomware Plague. What the Colonial Pipeline Attack Means for America – Part 2

Please join us for our June event.

This will be an online meeting with the link sent out the day before the meeting.  Please note this session will begin at 5:30 immediately following a brief members-only annual meeting.  Separate registration emails and Zoom links will be provided.

Agenda
5:30 – 5:40  Welcome and brief announcements
5:40 – 6:25  Speaker 1: Cyber Risk Quantification and its Use Cases­­­­­­­­­
6:25 – 7:15  Special Briefing: The Ransomware Plague. What the Colonial Pipeline Attack Means for America – Part 2
7:15 Session Wrap-up

Session 1:
Cyber Risk Quantification and its Use Cases

Speaker:
Professor Ariel Evans, Founder and Faculty Chairperson
Cyber Intelligence 4U, Inc.

Abstract:
Over 85% of a business is in digital form, compared to 10% in 2001. That means 85% of a business’s value is digital. This explosion in digitization is parallel to the explosion in cybercrime. Cybercriminals attack the digital assets. They steal data, interrupt business processes via ransomware and denial-of-service attacks and cause regulatory penalties and fines based on data stored and processed in systems and technologies. The digital asset approach is the only approach recognized by the academic, analyst and industry communities as having defensible values related to the cybersecurity lifecycle.

Speaker Bio:
Professor Ariel Evans is a senior business and cybersecurity expert, educator, and author. Ariel is the founder of Cyber Intelligence 4U, a cybersecurity education company that provides hands on training focusing on cybersecurity from the business perspective. She is the CEO of Cyber Innovative Technologies, which provides VRisk® a cyber risk management platform.
Ariel is the author of ‘Managing Cyber Risk’ published by Routledge Press in April of 2019 and ‘Enterprise Cybersecurity in Digital Business’ to be published in 2021. Her books are based upon three years of research with the Fortune 1000 and cyber insurance industry. The result is what Ariel has termed ‘the digital asset approach’ to cybersecurity. Her newest book ‘Enterprise Cybersecurity in Digital Business’ will be out in the late spring of 2021.
Ariel is the primary author of the PCI Security Council e-commerce guidelines issued in January of 2013. She has won numerous awards including the EU Commission award for Innovation in cyber risk. Ariel has her undergraduate degree in Nuclear Physics and her M.B.A from New York University’s Stern School of Business.

Session 2:
Special Briefing: The Ransomware Plague. What the Colonial Pipeline Attack Means for America

Speaker:
Paul Ferrillo
Partner, Privacy & Cybersecurity
Seyfarth Shaw LLP

Abstract:
The recent ransomware attack on Colonial Pipeline amplified the fact that the US is current in the midst of a ransomware pandemic of proportions we have never seen before. Eric Goldstein, executive assistant director of the cybersecurity division at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA recently stated that the attack “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.” In part 1 of the Colonial Pipeline discussion, we will discuss the issues raised by the attack for US companies, including issues concerning cybersecurity insurance for ransomware attacks, as well as official positions taken by the US government and the FBI.

Speaker Bio:
Paul focuses his practice on the largest matters facing US corporations and financial firms today: complex securities class actions, major data breaches and associated privacy class actions, and corporate and regulatory investigations.

Paul has throughout his career represented public companies and their directors and officers in shareholder class and derivative actions, as well as in internal investigations. In particular, he has coordinated numerous internal investigations on behalf of audit committees and special committees, and handled the defense of securities class actions alleging accounting irregularities and/or financial fraud.

Paul also has extensive experience in cybersecurity matters. Paul is a cybersecurity incident “first responder.” He assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements that govern them. He also litigates privacy class actions in federal and state court.
Paul maintains an active pro bono practice and has acted as pro bono counsel/litigator for the Humane Society of the United States in connection with successful effort to close a puppy mill accused of improper sales tactics and abuse of puppies.

He is also the author of “Navigating the Cybersecurity Storm: A Guide for Directors and Officers” (Advisen 2015) and co-author of “Take Back Control of Your Cybersecurity Now: Game Changing Concepts on AI and Cyber Governance Solutions for Executives” (Advisen 2017).

Paul represents clients across a wide range of industries, including retail, aerospace contractors and subcontractors, apparel, financial services, investment banking, private equity, hedge funds, 1940 Act funds, energy, oil and gas, and real estate.