Law Seminars International Presents: A new comprehensive conference on

Cybersecurity Law and Strategies
Best practices for assessing and managing cybersecurity risks

(For this past program, we offer two options for purchase: a Homestudy (DVD and written materials) or written materials alone.)

January 27 & 28, 2014
Renaissance Seattle Hotel in Seattle, WA

Who Should Order This Homestudy

Attorneys, corporate executives, and governmental officials responsible for or otherwise involved with cybersecurity planning and interested in a holistic approach (legal/regulatory, technical and risk)

Why You Should Order

As the publication Corporate Board Member recently reported in its annual "Law in the Boardroom" study, corporate directors and general counsel expect cyber risk to be among their most pressing concerns this year. The level of risk varies from industry to industry and company to company. Unless companies develop the capability to accurately assess and manage cybersecurity risks, they are likely to be over-confident in their risk mitigation efforts.

In February, President Obama signed Executive Order 13636 directing the National Institute of Standards and Technology (NIST) to develop a strong and agile Cybersecurity Framework. NIST has been working steadily on that task this year in consultation with the industry. In August, it released a discussion draft; it plans to release a full preliminary draft this fall, with a final framework due in February 2014.

According to the Department of Homeland Security, "A comprehensive cybersecurity program leverages industry standards and best practices to protect systems and detect potential problems, along with processes to be informed of current threats and enable timely response and recovery." This program addresses the various issues to resolve in developing a comprehensive cybersecurity program.

Our speakers have been actively involved in development of the Cybersecurity Framework and other aspects of cybersecurity planning. You won't want to miss their insights into the key elements and most effective approaches for developing the program that best suits your individual organization's risks and circumstances.

~ Rob McKenna, Esq. and Tyson Storch, Esq., Program Co-Chairs

What You Will Learn


Monday, January 27, 2014

8:00 am

Registration Opens

8:30 am

Introduction & Overview

Rob McKenna, Esq., Program Co-Chair
Orrick, Herrington & Sutcliffe LLP / Seattle, WA

Tyson Storch, Esq., Program Co-Chair, Principal Security Strategist
Microsoft Corporation / Redmond, WA

8:45 am

Cybersecurity: What's at Stake

Understanding risk, leveraging industry standards and implementing best practices

Paul Nicholas, Senior Director, Global Security Strategy
Microsoft Corporation / Redmond, WA

9:15 am

Special Address: Cybersecurity as a National Policy Priority

Congressional views on threats to national security and response strategies; prospects for future legislation

Norman D. Dicks, Esq., Senior Policy Advisor
Van Ness Feldman, LLP / Washington, DC

9:45 am

Obama Administration Initiatives: Implementation of Executive Order 13636 - Improving Critical Infrastructure Cybersecurity

The National Institute of Standards and Technology (NIST) Draft Cyber Security Framework: Public/private collaboration for integrating cybersecurity policies and investments into risk management

Bruce McConnell, Senior Vice-President
EastWest Institute / Washington, DC

10:15 am


10:30 am

The Anatomy of Data Security Breaches: Offenders and Law Enforcement Response

Noteworthy trends in security breaches; involvement by organized crime and foreign governments; targets and solutions

David Dittrich, Affiliated Research Scientist
University of Washington Applied Physics Laboratory / Seattle, WA

Targets: How organizations work most effectively with law enforcement; recommendations for establishing a digital crimes unit

Richard D. Boscovich, Esq., Assistant General Counsel, Digital Crimes Unit
Microsoft Corporation / Redmond, WA

Law enforcement perspective: Response to cyber attacks - what law enforcement agencies require of victimized organizations

Jenny A. Durkan, Esq., US Attorney, Western District of Washington
U.S. Attorney's Office / Seattle, WA

12:15 pm

Lunch (on your own)

1:30 pm

Legal Developments for Cyber Security Law

Regulatory requirements and structure (to the extent there is one): Who has jurisdiction over what? What items do you need on your regulatory compliance checklist?

Paul M. Tiao, Esq.
Hunton & Williams LLP / Washington, DC

Important lessons from recent court cases involving security breaches

Kimberly Kiefer Peretti, Esq.
Alston & Bird LLP / Washington, DC

3:00 pm


3:15 pm

Advanced Persistent Threats: Challenges & Solutions

Governments and sophisticated agents mounting attacks: Recent trends, mobile and cloud security issues

Scott J. Stein, Managing Director
Stroz Friedberg / Seattle, WA

Law enforcement perspectives: understanding and dispelling popular misconceptions about advanced persistent threats

Michael A. Vatis, Esq.
Steptoe & Johnson LLP / New York, NY

How organizations (from financial institutions to law firms) should upgrade their approach to risk management

Joseph P. Cutler, Esq.
Perkins Coie LLP / Seattle, WA

5:00 pm

Continue the Exchange of Ideas: Reception for Faculty and Attendees

Sponsored by Orrick Herrington & Sutcliffe LLP


Tuesday, January 28, 2014

8:30 am

Challenges & Solutions: Lessons from Efforts to Secure Electric Infrastructure and Grid Operations

Update on development of NERC's Cyber Security Transition Guidance: Primary risks and the evaluation of the pros and cons of various proposed solutions

Matthew Blizard, Director, Critical Infrastructure Protection
North American Electric Reliability Corporation / Washington, DC

9:15 am

Developing a Practical Global Compliance Strategy

Determining which laws your organization is subject to; establishing cybersecurity procedures and ensuring compliance; monitoring changes in the requirements

Alan Charles Raul, Esq.
Sidley Austin LLP / Washington, DC

10:15 am


10:30 am

Challenges & Solutions: Smart Grid, Cloud Computing and the "Internet of Things"

Electric Smart Grid implementation and risks created by deployed initiatives: smart device regulatory policy

The Hon. Philip Jones, Commissioner
Washington Utilities & Transportation Commission / Olympia, WA

Electric Smart Grid implementation: Utility perspective

Linda R. Evers, Esq.
Stevens & Lee / Reading, PA

Cloud services, eHealth infrastructure and remote monitoring devices

Aramide O. Fields, Esq.
Morrison & Foerster LLP / San Diego, CA

12:00 pm

Lunch (on your own)

1:15 pm

Potential Liability for Release of Information: Assessing, Managing, & Defending Against Claims

Lessons from defending claims resulting from data security breaches

Douglas H. Meal, Esq.
Ropes & Gray LLP / Boston, MA

Legal considerations in responding to cyber incidents: An examination of threats and the role of lawyers in responding to cyber incidents

David N. Fagan, Esq.
Covington & Burling LLP / Washington, DC

Advising clients on the balance between communicating with the press/public to re-build trust in the event of a breach without increasing legal liability

Hemanshu (Hemu) Nigam, Esq., Founder
SSP Blue / Beverly Hills, CA

2:45 pm


3:00 pm

Data & Privacy: the Right Technology and Approach

Advising clients on risk assessment and compliance with privacy requirements; budgeted solutions, business plan considerations and customer communications

Stephanie Sharron, Esq.
Orrick, Herrington & Sutcliffe LLP / Menlo Park, CA

3:45 pm

General Counsel as the Risk Manager

Developing your checklist; practical aspects of setting up internal structures and operations for compliance; working with the Chief Information Security Officer; pros and cons of currently available cyber insurance products

Jeffrey A. Christianson, Esq.
Bellevue, WA

4:30 pm

Evaluations & Adjourn



Regular tuition for this program is $1245 with a group rate of $935 each for two or more registrants from the same firm. For government employees, we offer a special rate of $830. For students and people in their job for less than a year, our rate is $622.50. All rates include admission to all seminar sessions, food and beverages at breaks, and all course materials. Make checks payable to Law Seminars International.

Continuing Education Credits

Live credits: This program qualifies for 12.75 WA CLE credits. Upon request, we will apply for, or help you apply for, CLE credits in other states and other types of credits.


There is a $25 cancellation fee for Course Materials orders and $50 for Homestudy orders

Faculty Bios

Rob McKenna, Program Co-Chair, partner, Orrick, Herrington & Sutcliffe LLP, is co-head of the firm's Public Policy Group. He is the former Attorney General of the State of Washington, and is experienced in public policy, appellate law and investigations.

Tyson Storch, Program Co-Chair, Principal Security Strategist, Microsoft Corporation, manages the Cyber Security Strategy and Policy Center in the Global Security Strategy and Diplomacy team. He is responsible for emerging cyber security policy and regulatory risk management.

Matthew Blizard, Director of Critical Infrastructure Protection, North American Electric Reliability Corporation, directs the critical infrastructure protection and cybersecurity program.

Richard D. Boscovich, Assistant General Counsel, Microsoft, leads the Digital Crimes Unit, a team of investigators focused on malicious code and spyware enforcement cases.

Jeffrey A. Christianson, is Executive Vice President and General Counsel, F5 Networks Inc.

Joseph P. Cutler, counsel, Perkins Coie LLP, counsels clients in areas related to privacy and data security, consumer protection law and internet law.

Norman D. Dicks, Special Address, Senior Policy Advisor, Van Ness Feldman, LLP, former U.S. Representative, advises clients on public policy, strategic and regulatory issues, particularly those in the environmental sector. He was awarded the CIA Directors Medal while serving on the U.S. House of Representatives' Intelligence Committee.

David Dittrich, Affiliated Research Scientist, Office of the Chief Information Security Officer, University of Washington, investigates and counters computer crimes.

Jenny A. Durkan, United States Attorney, Western District of Washington, Chairs the Attorney General's Advisory Subcommittee on Cybercrime and Intellectual Property Enforcement.

Linda R. Evers, Chair of the Energy Communications and Public Utility Group, joined Stevens & Lee after serving for 18 years as in-house counsel for FirstEnergy, the largest investor-owned utility in the nation. She is a participating member of the NIST Smart Grind Interoperability Panel (SGIP).

David N. Fagan, partner, Covington & Burling LLP, counsels clients on preparing for and responding to cyber-based attacks on their networks and information.

Aramide O. Fields of Morrison & Foerster LLP, focuses her litigation practice on product liability, pharmaceutical and medical devices, advertising and marketing law.

The Hon. Philip B. Jones, Commissioner, Washington Utilities & Transportation Commission, is President of NARUC and chair of its Board of Directors and Executive Committee. Previously he served as Managing Director of Cutter & Buck and as legislative assistant to Senator Daniel J. Evans.

Bruce McConnell, Senior Vice President, EastWest Institute, is responsible for leading East West's communications and networking with public and private sectors around the world.

Douglas H. Meal, partner, Ropes & Gray LLP, represents companies in complex transaction-related disputes. He has played a leading role in the firm's privacy and data security practice.

Paul Nicholas, Senior Director, Microsoft, leads the Global Security Strategy and Diplomacy Team, focusing on future security trends, risk management, identity and Internet health. He formerly worked as the White House Cybersecurity Director.

Hemanshu (Hemu) Nigam is the founder of SSP Blue, the leading advisory firm for online safety, security, and privacy challenges facing corporations and governments. He has been asked by the White House and the United Nations to provide guidance and counsel on navigating the world's most critical online protection challenges and has been a featured expert on BBC, BusinessWeek, CNN, Financial Times, Fox News, The New York Times, The Wall Street Journal, Good Morning America, and the CBS Early Show.

Kimberly Kiefer Peretti, partner, Alston & Bird LLP, practices in the firm's White Collar Crime Group and acts as Co-Chair of the Security Incident Management and Response Team.

Alan Charles Raul, partner and lead Global Coordinator, Sidley Austin LLP, heads the company's Privacy, Data Security and Information Law practice.

Stephanie Sharron, partner, Orrick, Herrington & Sutcliffe, counsels companies in connection with technology and intellectual property transactions and related privacy, data security, and internet safety issues.

Scott J. Stein, a Managing Director at Stroz Friedberg, oversees the firm's Seattle operations and key practice areas, including cybercrime and data breach response, digital forensics and ediscovery. Previous, he was a Senior Attorney at Microsoft Corporation and an Assistant U.S. Attorney for the U.S. Department of Justice.

Paul M. Tiao, partner, Hunton & Williams LLP, focuses his practice on cybersecurity, homeland security and privacy. Prior to joining Hunton & Williams, he served as Senior Counselor for Cybersecurity and Technology to the Director of the Federal Bureau of Investigation.

Michael A. Vatis, partner, Steptoe & Johnson LLP, focuses his practice on Internet, e-commerce and technology matters. He was the founding director of the National Infrastructure Protection Center at the FBI.