Law Seminars International Presents: The Second Annual Comprehensive Conference on

Cybersecurity Law
Critical issues and risk management strategies for attorneys, business executives and agency officials

January 12 & 13, 2015
Washington State Convention Center in Seattle, WA

Who Should Order This Homestudy

Attorneys, business executives, government officials, and consultants involved with critical infrastructure and sensitive information needing protection from cyber attacks

Why You Should Order

Large-scale cyber attacks and data breaches have been in the news a lot this year. Target, Home Depot and JPMorgan Chase have headlined a string of spectacular announcements involving the personal information of tens of million consumers. Consumer information, however, is by no means the only data at risk as companies collect, store and mine exabytes of data for purposes ranging from health care monitoring to location tracking for push advertising.

The data itself is not our only concern. Our privacy and anonymity are also called into question by the proliferation of information about all of us that is collected, mined, sifted, traded and sold by thousands of companies, dozens of governments and unknown numbers of criminal syndicates. The explosive growth of the Internet of Things, location services and WiFi enables cyber hackers, online advertising companies and the government to track and record an individual's physical movements as well as their online activity. Hackers may be able to open the door of your house or disable your car, if you're accessing them remotely yourself. Companies in this industry may find themselves liable to people suffering physical harm.

The level of risk and severity of potential consequences vary from industry to industry and company to company. The challenge for every company is to accurately assess cybersecurity risks and address them in a cost-effective way.

Some of our speakers have been actively involved in development of the National Institute of Standards and Technology (NIST) Cybersecurity Framework and other aspects of cybersecurity planning. Other speakers know how to leverage industry standards and best practices to protect systems and detect potential problems, along with processes to keep informed of current threats and be prepared for timely response and recovery. Join us for a stimulating and enlightening discussion of cybersecurity policy, risk management, and practical lessons learned.

~ Program Co-Chairs: Rob McKenna, Esq.,Orrick, Herrington & Sutcliffe LLP, and Tyson Storch, Esq., Microsoft Corporation

What You Will Learn


Monday, January 12, 2015

8:00 am

Registration Opens

8:30 am

Introduction & Overview

Rob Mckenna, Esq., Program Co-Chair
Orrick, Herrington & Sutcliffe LLP / Seattle, WA

Tyson E. Storch, Esq., Program Co-Chair, Director, Cybersecurity Strategy and Policy Center
Microsoft Corporation / Redmond, WA

8:45 am

Cybersecurity: Overview of Key Attacks Over the Past Year and the Implications for Cybersecurity Planning

Kevin J. Murphy, Esq., Director, Windows Security Architecture
Microsoft Corporation / Redmond, WA

9:30 am

Update on Implementation of Executive Order 13636: A Year In, How Successful Has It Been In Improving Critical Infrastructure Cybersecurity?

The National Institute of Standards and Technology (NIST) Draft Cyber Security Framework: Best working approaches for public/private collaboration for integrating cybersecurity policies and investments into risk management

Bruce McConnell, Senior Vice-President
EastWest Institute / Washington, DC

10:15 am


10:30 am

The Anatomy of Data Security Breaches: The Evolving Landscape for Offenders and Law Enforcement Response

Law enforcement cyber initiatives and what agencies need from victimized organizations before and after an attack

James M. Aquilina, Esq.
Stroz Friedberg LLC / Los Angeles, CA

Tips for targets: Establishing an effective digital crimes unit; what to do in the first moments after discovery of an attack

Jenny A. Durkan, Esq., Partner
Quinn Emanuel Urquhart & Sullivan, LLP / Washington, DC

Know thy opponent: Who are the most dangerous offenders at this point in time?

David Dittrich, Principal Software Engineer/Computer Specialist
University of Washington / Seattle, WA

12:15 pm

Lunch (on your own)

1:30 pm

Update on Legal Developments for Cybersecurity Law

Regulatory requirements and structure: What agencies are most active in what areas? What items do you need on your regulatory compliance checklist?

Sean B. Hoar, Esq., CIPP/US
Davis Wright Tremaine LLP / Portland, OR

Issues arising from the inherent tension between monitoring internet activity for cybersecurity and civil liberties

Lee Tien, Esq., Senior Staff Attorney
Electronic Frontier Foundation ("EFF") / San Francisco, CA

Important lessons from recent court cases involving security breaches

Todd M. Hinnen, Esq.
Perkins Coie LLP / Seattle, WA

3:15 pm


3:30 pm

Persistent Threats in the Cloud: How Should They Affect Your Thinking About Migration to Cloud Services?

Recent trends, mobile and cloud security issues

Kirk C. Bailey, Chief Information Security Officer
University of Washington / Seattle, WA

Consultant, vendor and customer perspectives on how organizations (from financial institutions to law firms) should upgrade their approach to risk management

Scott J. Stein, Esq., General Counsel & VP Public Policy
Online Trust Alliance / Bellevue, WA

Tanya L. Forsheit, Esq.
Baker & Hostetler LLP / Los Angeles, CA

Joseph P. Cutler, Esq.
Perkins Coie LLP / Seattle, WA

5:00 pm

Continue the Exchange of Ideas: Reception for Faculty and Attendees

Sponsored by Microsoft Corporation and Orrick Herrington & Sutcliffe LLP


Tuesday, January 13, 2015

8:30 am

Introduction to Day 2

Rob McKenna, Esq., Program Co-Chair
Orrick, Herrington & Sutcliffe LLP / Seattle, WA

Tyson E. Storch, Esq., Program Co-Chair, Director Cybersecurity Strategy and Policy Center
Microsoft Corporation / Redmond, WA

8:45 am

Data & Privacy: Evolving Best Practices for Selecting and Implementing the Right Technology

Risk assessment and compliance with privacy requirements: How technological advances are impacting the optimal solutions, raising new legal issues, and changing business plan considerations

Aravind Swaminathan, Esq.
DLA Piper / Seattle, WA

9:30 am

Challenges & Solutions: Lessons from Efforts to Secure Financial Infrastructure and Maintain Ease of Electronic Operations for Consumers

Randal L. Gainer, Esq.
Baker & Hostetler LLP / Seattle, WA

10:15 am


10:30 am

Addressing Additional Risk from the "Internet of Things": Lessons from the Health Care Sector

Technological trends in eHealth services, supporting infrastructure, and what to expect for future remote monitoring devices

Steven D. Gravely, Esq.
Troutman Sanders LLP / Richmond, VA

Trends in government regulatory policies towards eHealth services, particularly with respect to privacy issues for patients including the FDA's draft cybersecurity guidance for medical device premarket submissions

Linn F. Freedman, Esq.
Nixon Peabody LLP / Providence, RI

Legal issues and best lessons from the trenches for developing effective compliance plans

Theodore J. Kobus, III, Esq.
Baker & Hostetler LLP / New York, NY

12:00 pm

Lunch (on your own)

1:15 pm

Risk Management of Potential Liability for Release of Information: Assessing, Managing, & Defending Against Claims

Lessons from recent cases involving data security breaches

Douglas H. Meal, Esq.
Ropes & Gray LLP / Boston, MA

Tips for establishing the right balance between communicating with the press/public to re-build trust in the event of a breach without increasing legal liability

Hemanshu (Hemu) Nigam, Founder
SSP Blue / Beverly Hills, CA

Establishing the optimal role for in-house and outside counsel vs. CIO and the marketing department for responding to cyber incidents

James M. Garland, Esq., Partner
Covington & Burling LLP / Washington, DC

2:45 pm


3:00 pm

Adapting Your Global Compliance Strategy to Different Regulatory Structures for the Internet

Implications of the right to be forgotten and other new data management policies in the European Union; important differences in regulatory structures in Asia and other parts of the world

Alan C. Raul, Esq.
Sidley Austin LLP / Washington, DC

3:45 pm

Insurance Coverage

Trends in coverage options and costs; tips for evaluating policies

Scott N. Godes, Esq.
Barnes & Thornburg LLP / Washington, DC

4:15 pm

General Counsel as the Risk Manager

Developing your checklist; practical aspects of setting up internal structures and operations for compliance; working with the Chief Information Security Officer; pros and cons of currently available cyber insurance products

Jeffrey A. Christianson, Esq.
Nintex / Bellevue, WA

5:00 pm

Evaluations and Adjourn



Regular tuition for in person or live webcast attendance is $1,245 with a group rate of $935 each for two or more registrants from the same firm. For government employees, we offer a special rate of $830. For students, people in their job for less than a year, and public interest NGO's, our rate is $622.50. All rates include admission to all seminar sessions, food and beverages at breaks, and all course materials. Make checks payable to Law Seminars International.

Financial aid is available to those who qualify. Contact our office for more information.

Continuing Education Credits

Live credits: This program qualifies for 13 WA CLE credits. Upon request, we will apply for, or help you apply for, CLE credits in other states and other types of credits.


There is a $25 cancellation fee for Course Materials orders and $50 for Homestudy orders

Faculty Bios

Rob McKenna, Program Co-Chair, partner, Orrick, Herrington & Sutcliffe LLP, is Co-Head of the firm's Public Policy Group. He is the former Attorney General of the State of Washington, and is experienced in public policy, appellate law and investigations.

Tyson E. Storch, Program Co-Chair, is the Director of Microsoft's Cybersecurity Strategy and Policy Center on the Global Security Strategy and Diplomacy team. He is responsible for emerging cybersecurity policy and regulatory risk management.

James M. Aquilina, Executive Managing Director, Stroz Friedberg LLC, leads the firm's Global Digital Forensics Practice. He supervises assignments for government agencies, major law firms, and corporate management and information systems departments. He is is a former federal cybercrime prosecutor and a published author on malware forensics.
Full bio and contact info for James M. Aquilina at Stroz Friedberg LLC

Kirk C. Bailey, Chief Information Security Officer, University of Washington focuses on strategic planning, oversight and accountability for information assurance programs, which include information security and privacy. He is Chair of the University's Privacy Assurance and Systems Security Council (PASS Council).

Jeffrey A. Christianson, General Counsel of Nintex, the world's leading workflow software company served as a senior executive and chief legal officer for over 23 years. Previously he was Executive Vice President and General Counsel of F5 Networks, Inc., a global leader in application delivery networking.

Joseph P. Cutler, counsel, Perkins Coie LLP, counsels clients in areas related to privacy and data security, consumer protection law and internet law.

David Dittrich, Principal Software Engineer/ Computer Specialist in the Applied Physics Laboratoryr, University of Washington, investigates and counters computer crimes.

Jenny Durkan, partner, Quinn Emanuel Urquhart & Sullivan, LLP,, is nationally recognized for her leadership in the areas of cyber crime, complex litigation, governmental policy and legislative strategy. She serves as Global Chair of the Cyber Law and Privacy Group.

Tanya L. Forsheit, partner, Baker & Hostetler LLP, works with clients to address legal requirements and best practices for protection of customer and employee information. She advises organizations across disciplines in compliance, transactions, and litigation matters involving the use, sharing, and protection of sensitive information.

Linn F. Freedman, partner and Head of Nixon Peabody LLP's Privacy & Data Protection Group and Chair of the firm's HIPAA Compliance team practices in data privacy and security law, including complex litigation and government investigations to identify high risk data and implementing measures to protect it.
Full bio and contact info for Linn F. Freedman at Nixon Peabody LLP

Randal L. Gainier, partner at Baker & Hostetler LLP, represents businesses that have suffered from data breaches in litigation and in regulatory proceedings. He defends companies against class action claims whose data is allegedly lost or stolen, and assists businesses working with prosecutors and law enforcement agents to help investigate and prosecute data thieves.

James M. Garland, partner in Covington & Burling LLP's Litigation and White Collar Defense & Investigations practice groups, advises clients on national security-related matters, including issues involving electronic surveillance, cyber-security, and data privacy.

Scott N. Godes, partner, Barnes & Thornburg LLP is a member of the firm's Litigation Department, the Policyholder Insurance Recovery and Counseling Group, and the Internet & Technology Law Group. He is a veteran trial lawyer with experience in insurance coverage matters and technology issues.

Steven D. Gravely, partner, and Health Care Practice Group Leader, Troutman Sanders LLP, focuses on health law and disaster preparedness and response issues for critical infrastructure industries. He has represented hospitals and other health care providers in a full spectrum of health care legal issues.

Todd M. Hinnen, partner at Perkins Coie LLP, focuses on civil and criminal litigation, investigations, and regulatory compliance counseling relating to privacy and network security. Previously, he was the Acting Assistant Attorney General for National Security at the U.S. Department of Justice.

Sean B. Hoar, CIPP/US, partner, Davis Wright Tremaine LLP, counsels businesses and organizations on best practices in information privacy and data security, countering cyber security threats, and responding to data breaches. He teaches cybercrime courses at the University of Oregon School of Law and Lewis & Clark Law School, and served as the lead cyber attorney for the U.S. Attorney's Office in Oregon.
Full bio and contact info for Sean B. Hoar at Davis Wright Tremaine LLP

Theodore J. Kobus III, partner, Baker & Hostetler LLP, advises clients, trade groups, and organizations regarding data security and privacy risks, including compliance, developing breach response strategies, defense of regulatory actions, and defense of class action litigation.

Bruce McConnell, Senior Vice President, EastWest Institute, is responsible for leading East West's communications and networking with public and private sectors around the world.

Douglas H. Meal, partner, Ropes & Gray LLP, recently played a leading role in the firm's privacy and data security practice, specializing particularly in representing clients targeted by litigation and government investigations stemming from highly publicized data security breaches by leading corporations.

Kevin J. Murphy, Director of Windows Security Architecture for the Microsoft Operating Systems Group and a retired air force intelligence officer. He holds a CISSP, CIGEIT, and CISM certification, and has over 25 years of experience in intelligence and cyber security.

Hemanshu (Hemu) Nigam, CEO of SSP Blue, is an online safety, security and privacy expert, and founder of, your daily dose of online safety, security, and privacy news. Previously he served as the CSO of News Corporation's digital properties, the CSO of MySpace, and as a security executive at Microsoft.

Alan C. Raul, founder and Lead Global Coordinator of Sidley Austin LLP's privacy, data security and information law practice. He represents companies on federal, state and international privacy issues, including global data protection and compliance programs, data breaches, cybersecurity, consumer protection issues and internet law.

Scott J. Stein, General Counsel & VP Public Policy, focuses on data breaches, cybercrime, law enforcement, data security and privacy. Prior to OTA, Scott was a Managing Director at Stroz Friedberg. He also was a Senior Attorney at Microsoft.

Aravind Swaminathan, partner, DLA Piper, represents companies and individuals in government and internal investigations, cybersecurity incidents and data breaches and matters relating to privacy. A former prosecutor, he draws on his experience investigating cyber and white collar crimes.

Lee Tien, Senior Staff Attorney, Electronic Frontier Foundation ("EFF"), specializing in free speech law, including intellectual property and privacy law. Previously he was a sole practitioner specializing in FOIA litigation.