Live Video-Broadcast: January 29, 2025
Select Your State Below to View CLE Credit Information
Sign-up for a law firm subscription plan and each attorney in the firm receives free access to all CLE Programs
Session I - Cybersecurity Essentials for Legal Professionals and their Clients: Latest Treats and Survival Tactics – Gina Greenwood
As malicious actors continually evolve their tactics, it is imperative for legal professionals to understand the risks to their clients and to fortify their own firms’ cybersecurity defenses and processes. This presentation delves into essential cybersecurity practices tailored to assist attorneys and law firms in understanding cyber threats, offering insights on safeguarding sensitive information, managing incidents and maintaining attorney-client privilege. Furthermore, it briefly touches one the burgeoning role of artificial intelligence in the legal profession, shedding light on its potential, while addressing the inherent risks.
Key topics to be discussed:
Session II - Cyber Insurance Essentials: Safeguarding Law Firms Against Digital Threats – Arthur Armstrong
This session complements the cybersecurity-focused presentation by addressing the critical role of cyber insurance in protecting law firms and their clients from the financial and reputational fallout of cyberattacks. It offers practical guidance on understanding and securing cyber insurance policies tailored to the unique risks faced by the legal profession. The session will explore the interplay between cybersecurity practices and insurance requirements, ensuring attorneys and law firms are equipped to manage their digital risks/ cases effectively. It will also address sources of potential disputes under cyber insurance policies and provide guidance as to how best to maximize coverage.
Key topics to be discussed:
Session III - Updates and Trends in U.S. Cybersecurity Regulation – Stephen Reynolds, Katelyn Ringrose
This session provides a comprehensive analysis of the Cybersecurity Incident Reporting for Critical Infrastructure Act (CIRCIA) and its implications for covered entities. The session will delve into CIRCIA’s reporting and retention requirements, detailing who must report, what incidents trigger reporting obligations, and the specific information required. Participants will learn about the severe penalties for noncompliance, including civil, criminal, and regulatory repercussions. Practical considerations for compliance, strategies for navigating reporting complexities, and an analysis of the upcoming final rule, effective in 2026, will be covered to help organizations proactively prepare and mitigate risks associated with CIRCIA’s sweeping mandates.
Key topics to be discussed:
This course is co-sponsored with myLawCLE.
Date / Time: January 29, 2025
Closed-captioning available
Gina Ginn Greenwood | Nelson Mullins Riley & Scarborough LLP
Gina is the current chair of the Nelson Mullins Data Privacy, Security, and Breach practice group and the co-chair of the Nelson Mullins Data Breach Response and Investigation Team. Gina has a 20-year career in data privacy and healthcare law, practicing her entire career at three different AmLaw 100 law firms. Prior to transitioning to Nelson Mullins, she previously developed and chaired the Breach Team at another AmLaw 100 law firm for over eight years.
Gina has represented clients in hundreds of matters involving data protection, privacy, and cybersecurity. She focuses on the investigation, response, notification, and defense of data breaches; HIPAA Privacy and Security Rule compliance; Red Flag Rules compliance; Genetic Information Nondiscrimination Act (GINA) compliance; 42 C.F.R. Part 2 federal alcohol and drug abuse privacy compliance, Federal Trade Commission (FTC) Act privacy/security compliance, PCI DSS Standards Compliance; Gramm Leach-Bliley Act (GBLA) privacy compliance; General Data Protection Regulation (GDPR) compliance; Family Educational Rights and Privacy Act (FERPA) compliance, and state consumer protection privacy, security and breach notification laws. She is approved cyber incident and investigations counsel for two of the largest insurance carriers in the world.
She is a recognized authority in Emergency Medical Treatment and Labor Act (EMTALA) compliance, investigations, hearings, and survey responses; fraud and abuse compliance plans, Joint Commission, and licensure compliance; reimbursement issues; contract drafting and general business advice; and many other regulatory and compliance matters pertinent to large and small businesses, device/pharmaceutical manufacturers, and healthcare entities.
Gina has authored numerous data privacy/security and healthcare materials including HIPAA Privacy and Security policy manuals, licensure policy manuals, Internet-based employee training modules, and fraud and abuse compliance plans/programs. She is a frequent speaker at data security tabletops and speaks often on the topics of managing ransomware attacks, HIPAA and EMTALA compliance, data breaches, and various other privacy and healthcare topics.
Gina was selected by the U.S. Commission on Civil Rights as a national EMTALA legal professional and provided oral testimony for a U.S. Commission on Civil Rights (USCCR) hearing in Washington, D.C. and corresponding written testimony, which was included in the USCCR “Patient Dumping” report as Congressional testimony to the President of the United States and the United States Congress (submitted September 2014).
Gina is very active in her community and church and has served on numerous philanthropic/nonprofit fundraising committees and boards of directors, including service to organizations like Goodwill and to the Campus Clubs Ministries, which is committed to supporting impoverished children who live in gang infested neighborhoods, assisting the children in developing social and educational skills through one-on-one mentoring, after-school and summer tutoring, and other active support programs. Gina believes change starts with changing herself and then trying to help those less fortunate one child at a time. The Greenwoods served as host family (in a child fostering-type program) to the Masonic Home of Georgia.
Arthur R. Armstrong | Reed Smith LLP
Arthur is a partner in the Philadelphia office who focuses his practice on insurance recovery exclusively on behalf of corporate policyholders.
Arthur regularly represents privately held and publicly traded companies against primary and excess insurers to secure coverage under property, commercial general liability, D&O, E&O and other insurance policies. He has also handled appeals before state and federal courts of Pennsylvania and New Jersey.
His practice also focuses on insurance recovery for cyber attacks, including ransomware, DDoS attacks, social engineering, malware attacks and other cyber threats. He holds a certificate from HarvardX for “Cybersecurity: Managing Risk in the Information Age.”
Each year since 2014, Pennsylvania Super Lawyers has recognized Arthur as a “Rising Star.”
Stephen E. Reynolds | McDermott Will & Emery
Stephen Reynolds (CIPP/US, CISSP) advises some of the largest companies n the world on complex data security and privacy matters.
A former computer programmer and IT analyst, Stephen is uniquely able to use his computer background to the advantage of his clients in matters involving data security, privacy, artificial intelligence and computer forensic investigations. He assists with responding to cybersecurity incidents, such as ransomware attacks, fund transfer fraud, data breaches and business email compromise matters. This work includes helping companies comply with regulatory obligations in the event of these incidents—including Securities and Exchange Commission (SEC) filings for publicly traded companies. Having litigated data security and privacy cases from the trial court level and through the highest levels of appeals, Stephen also represents clients in litigation and regulatory investigations regarding data security, privacy and technology matters.
Stephen has advised multiple publicly traded companies, including technology companies, professional services firms and consumer facing organizations, on compliance with the SEC’s recently adopted requirements for disclosing cybersecurity incidents, risk management and governance within 10-K annual reports. This guidance has included helping clients draft language for SEC reporting obligations and craft internal policies related to SEC disclosure obligations. Additionally, Stephen has helped clients with evaluating the potential need for and in making disclosures of material cybersecurity incidents on Form 8-Ks.
Stephen frequently educates others on data security and privacy at industry conferences and other forums. He is on the board of the International Association of Privacy Professionals (IAPP) and an instructor of the IAPP’s CIPP/US certification. In addition, Stephen is an instructor for the CISSP certification through the ISC(2). He also lectures on Data Security and Privacy Law at Indiana University Robert H. McKinney School of Law.
Katelyn N. Ringrose | McDermott Will & Emery
Katelyn Ringrose (CIPP/US, CIPP/E, CIPM) handles privacy, data protection and governance, and cybersecurity matters for large and multinational companies. She counsels clients on issues tied to state and federal privacy legislation, sensitive personal data, and appropriate safeguards for cross border transfers.
Katelyn’s experience includes advising corporations on high-priority matters that impact trust in cross-border data flows and managing public responses to significant legislative issues. She works directly with clients to provide practical, industry-specific solutions to complex challenges.
Prior to joining McDermott, Katelyn was the global policy lead for law enforcement and government access at a multinational technology company. She leverages her experience overseeing the company’s global work on cybercrime and surveillance issues when navigating clients through data security breaches and related incidents.
Session I – Cybersecurity Essentials for Legal Professionals and their Clients: Latest Treats and Survival Tactics | 1:00pm – 2:00pm
Break | 2:00pm – 2:10pm
Session II – Cyber Insurance Essentials: Safeguarding Law Firms Against Digital Threats | 2:10pm – 3:10pm
Break | 3:10pm – 3:20pm
Session III – Updates and Trends in U.S. Cybersecurity Regulation | 3:20pm – 4:20pm