Security Vulnerabilities and Ransomware Shutdowns: Learning from Apache Log4j vulnerability and the associated legal duties and ethical implications presented by technology

Kristin H. Hardy | Taft Stettinius & Hollister LLP

Kristin Hardy’s practice focuses primarily on trademark, copyright, and domain name, in addition to various privacy and data security matters. Kristin regularly assists clients in protecting their brands, creative works, and proprietary information, as well as helping clients commercialize intellectual property through licensing and other transactional agreements. She provides guidance to clients regarding brand development, clearance, registration, maintenance, and strategy for national and international trademark portfolios, in addition to assisting clients regarding trademark and copyright infringement and enforcement issues including preparing and responding to cease and desist letters, representing and defending clients before the U.S. Trademark Trial and Appeal Board, and negotiating consent-to-use and co-existence agreements.

Zachary Heck | Taft Stettinius & Hollister LLP

Zachary Heck’s practice focuses on privacy and data security. He speaks and writes regularly on cutting-edge data privacy and cybersecurity issues and is a Certified Information Privacy Professional in the fields of United States and European Union laws and regulations. Zach assists clients in the areas of privacy compliance, defense litigation, class action defense and guidance in the aftermath of an information security event, including data breach. Zach has experience advising clients with respect to FTC investigations, federal privacy regulations such as HIPAA, FCRA, TCPA and GLBA, as well as state laws governing personally identifiable information.

Brian J. Pezzillo | Howard & Howard Attorneys, PLLC

Brian Pezzillo is a member of Howard & Howard Attorneys, PLLC, where he practices in the areas of construction law, privacy and cybersecurity, administrative law, commercial and business law. Mr. Pezzillo advises clients with regard to data privacy compliance on international, national, and state laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA) and the Virginia Consumer Data Protection Act (VCDPA).

Mr. Pezzillo regularly prepares privacy policies for clients and assists with development of internal privacy programs. Mr. Pezzillo earned his B.B.A. degree from the University of New Mexico, Albuquerque and his J.D. degree from the University of New Mexico School of Law in Albuquerque, New Mexico and a Graduate Certificate in Privacy and Cybersecurity from Drexel University. He is admitted to practice in New Mexico, Nevada, North Dakota (inactive), Arizona, Colorado and before the U.S. District Court, districts of Nevada and New Mexico; and U.S. Court of Appeals, 9th, and 11th circuits. Mr. Pezzillo is a member of State Bar of Nevada (Construction Law Section), as well as the State Bars of Arizona, Colorado, New Mexico, and the American Bar Association (Construction Industry Forum, Alternative Dispute Resolution Group, and Business Law Section) and Clark County Bar Association.

Mr. Pezzillo serves as an arbitrator and mediator on the American Arbitration Association’s Construction and Large-Complex Construction panels as well as the Commercial and Consumer panels. He is also accredited by the International Association of Privacy Professionals (IAPP) as a Certified Information Privacy Professional/Europe (CIPP/E) and a Certified Information Privacy Manager (CIPM). He is also a Fellow of the Construction Lawyers Society of America (CLSA) and is listed as a Mountain States Super Lawyer, Best Lawyer in America and holds an AV rating from Martindale Hubbell.

Website: www.howardandhoward.com
LinkedIn: www.linkedin.com/in/brian-pezzillo-cipp-e-cipm-23a6b13

Session l – Security Vulnerabilities and Ransomware Shutdowns: Learning from Apache Log4j vulnerability and the associated legal duties | 2:00pm – 3:00pm

1. Associated legal duties learned from the Apache Log4j vulnerability regulatory scrutiny due to poor reaction to mitigation efforts | 2:00pm – 2:20pm
2. How to be proactive in protecting your data | 2:20pm – 2:40pm
3. Legal risks that ransomware poses to organizations, ransomware shutdowns, and how to plan and mitigate ransomware attacks | 2:40pm – 3:00pm

Break | 3:00pm –3:10pm

Session ll – Technology Competence: Ethical implications presented by technology | 3:10pm – 4:10pm

1. Discuss supervisory duties of attorneys | 3:10pm – 3:25pm
2. Identify changing rules of conduct governing the use of technology | 3:25pm – 3:40pm
3. Learn how to safely dispose of data and outdated devices | 3:40pm – 3:55pm
4. Identify key technology risks regularly encountered by attorneys and their staff | 3:55pm – 4:10pm