Information and Cyber Governance, Data Analytics

Program Organizer:
From the Government:
Scott W. Bauguess
A Complimentary,
Invitation-Only Breakfast and Educational Briefing
Third Annual:
Information and Cyber
Governance, Data Analytics
and Privacy Briefing
Identifying, Protecting and Responding to
Today’s Growing Internal and External Risks
Deputy Director and Deputy Chief Economist, Division of
Economic and Risk Analysis, U.S. Securities and Exchange
Commission, Washington, D.C.
David C. Shonka
Principal Deputy General Counsel, Federal Trade Commission,
Washington, D.C.
Other Faculty:
Courtney Barton
Senior Counsel, Global Privacy, Hilton Worldwide, Inc.,
Washington, D.C.
Mary Ellen Callahan
Partner, Jenner & Block, Formerly, Chief Privacy Officer,
U.S. Department of Homeland Security, Washington, D.C.
Emily Stapf
Forensic Technology, PwC, Washington, D.C.
SPECIAL FEATURE: Game of Threats™
March 18, 2015, 9:00 a.m. – Noon
The National Press Club,
Sanjay Subramanian (Moderator)
Partner, PwC East Region Forensic Services Analytics Leader,
PwC, Washington, D.C.
Benjamin A. Winter
General Counsel, Commercial Markets, Information Systems &
Global Solutions, Lockheed Martin, Bethesda, MD
529 14th St. NW, Washington, D.C.
Cooperating Program Developer:
Who Should Attend?
General Counsel; C-Level Executives including Chief Risk
Officer, Chief Privacy Officer, Chief Data Officer,
CIO, CISO; Outside Counsel; Boards
Enterprise Risk Explodes to
New Frontiers…
The confluence of data breach issues, the need to have robust response
mechanisms and the urgency of having in place comprehensive information
governance and cyber governance programs are now top priorities for C-suite
executives, general counsels and their advisors. In particular every company
needs enhanced internal controls to prevent, correct or act upon data breaches
in a timely manner.
This Conference offers a roadmap to constructing an effective plan in a world
where companies have more information and data than ever before and the
threat risk is higher than ever.
Data is at the heart of how companies run businesses…
and what hackers want
Our panel, comprised of experts from the corporate, legal and advisory sectors,
will address in a highly practical fashion how you should rethink assessment and
implementation of policies and standards for digital information and attendant
The general counsel today needs to be digitally literate with an
understanding of business opportunities and risks related to the
explosion of data. Who else should be on the team to manage digital
information and risk and determine information policies and
It also is particularly critical to be able to value data and risk of loss. Few
organizations can afford to have a high wall of protection or analytics
surrounding every data set so knowing what you have, where it is and how it
is protected now and the impact if it is attacked and/or compromised is key
to decision making.
Policies now have to encompass the reality that a great deal of a company’s
information may also be outside the enterprise--with suppliers, dealers and
customers and in the Cloud or on the Internet for business management and
transaction purposes. What should be your requirements for partners and
third parties and how do you ensure compliance?
These are the kinds of issues we will deal with throughout each topic on the
All the while, you also need to be cognizant of the growing internal threats to
any organization and how they are minimized, monitored and mitigated.
In sum this meeting promises to be an extremely valuable morning of education,
idea sharing and updates on the very latest thinking and approaches of
companies in many sectors.
SPECIAL FEATURE: Game of Threats™
New virtual teaching tool to test, improve cybersecurity skills
Major cybersecurity breaches make headlines—and nightmares for
companies—on a regular basis. As incidents multiply in frequency and cost,
the cybersecurity programs of U.S. enterprises must be strengthened to
rival the persistence and technological prowess of sophisticated cyber
adversaries. Game of Threats™ provides a virtual training ground in which
executives and their advisors and teams can sharpen their cybersecurity
skills and become battle ready as cyberattacks intensify.
The game challenges players to make quick, high-impact decisions with
minimal information. This high-pressure environment helps executives and
counsel assess their readiness to respond to a breach and practice striking
the right balance between taking action and ensuring that the necessary
cybersecurity resources are available and properly used. Players also learn
to manage the opposing forces of offense and defense over a sustained
period of time.
8:30 a.m.–9:00 a.m. Breakfast & Registration; 9:00 a.m.–Noon Program
Information/Data/Cyber Governance and the Risk Landscape
A. Who is on the team and responsible for managing threats?
Responsibilities of General Counsel, Chief Risk Officer, Head of Privacy,
Chief Data Officer, CIO, CISO, the Board
B. Management of digital rights and crisis management responsibility.
C. Regulatory and enforcement rules and standards around data quality,
data security and cybersecurity
D. Operational and implementation issues
E. Cyber threat and theft of trade secrets, sensitive information
F. Mergers, acquisitions and divestitures / ownership of information
G. Value of risk assessment
H. Legal Hold and defensible disposition in the Cloud
The New World of Big Data
Understanding numerous data formats including structured and unstructured
Maximizing business opportunities using big data; innovative uses of data
Minimizing business risk using data analytics
Leveraging big data; special issues around ownership, use of big data in the
Managing, manipulating and organizing data, data mining, data archiving
1. Data archives grow at 59% annual rate last year. How should you prepare
for this huge year-on-year expansion?
2. Uses of big data including information security risk assessment and
monitoring risks, investigations, e-discovery
3. Storage of large amounts of data (costs for storage, organizational risks to
keeping this data on hand, how to plan for retention and disposition
during the design phase)
Understanding how government regulators and prosecutors are using big data
Change Management
1. Culture of compliance: key changes in practice at the supervisory and
employee levels
2. The necessity of change management for implementation of information
governance programs
3. Special topics in change management: social media, mobile applications,
BYOD, and the Cloud
III. Privacy Considerations. What Information is Collected?
A. Privacy protection of data; U.S. and E.U. enforcement
1. Status of E.U. data protection directive and exposure to laws in member
2. F.T.C. regulatory and enforcement initiatives
3. State notification laws
B. Identifying and responding to privacy breaches
C. Intersection of cybercrime, cyber security, cyber preparedness and privacy
D. Compliance based approaches, policy enforcement; using data analytics to
protect personal information
E. Reconciling data protection, data innovation and privacy
F. Information gathering and privacy concerns; embedding privacy protection in
systems; special practices of trade secrets and sensitive information
G. Managing data risks and privacy when dealing with social media, BYOD,
mobile applications, and the Cloud
Registration Form:
Complimentary Breakfast Briefing
Wednesday, March 18, 2015, 9:00 a.m. - Noon
The National Press Club, 529 14th St. NW, Washington, D.C.
Return Registration Form to:
[email protected] OR fax to 973-278-8833.
Breakfast and Registration – 8:30 a.m. – 9:00 a.m.
CLE/CPE credit has been applied for.
Cooperating Program Developer:
About PwC:
PwC’s Cybersecurity Consulting Services help organizations understand dynamic cyberchallenges and breach/ incident indicators to stay one step ahead of the threat actors,
adapt and respond to risks inherent in their business ecosystem, and prioritize and
protect the most valuable assets fundamental to their business strategy. We’re a
member of the PwC network of firms in 157 countries with more than 184,000 people.
By delivering innovative solutions today that help identify and protect against future
threats, we enable organizations to adapt and respond to the dynamic cyber-risks
inherent in doing business in a globally interconnected ecosystem.
For more information on PwC’s cybersecurity point of view, visit:
Program Organizer:
About Sandpiper Partners LLC:
Sandpiper Partners is an educational consulting firm run by industry advisors Stephen
and Lynn Glasser. Sandpiper Partners is a pioneer in presenting educational
conferences on cybersecurity and cybercrime to help businesses cope with the need for
information in this rapidly changing world.