Description
Chair:
Dr. Nathalie Moreno
Speakers:
Arran Roberts, Partner, Kennedys Law
Oliver Price, Director, Cybersecurity Transformation at S-RM
Ann McManus, Senior Counsel for Data Protection & Cybersecurity and UK DPO, FIS
Eric Crusius, Partner, Holland & Knight, Washington DC
Our masterclass will delve into essential topics crucial for advising clients effectively.
- Managing Cybersecurity Incidents and Insurance Claims: Learn best practices for handling cybersecurity incidents and navigating insurance claims under UK law, focusing on breach notifications and data protection compliance.
- Cybersecurity and Financial Services in the UK and the EU: Attendees will gain insights into the regulatory frameworks governing cybersecurity in both regions, including the EU/UK GDPR, the NIS Directive/UK Regulations, and the EU Digital Operational Resilience Act (DORA).
- Analysing the 2024 CrowdStrike Incident: Understand the legal and technical ramifications of the 2024 CrowdStrike outage. Review key lessons learned and preventative measures to avoid similar incidents.
- Briefing on the Impact of U.S. Cybersecurity Regulations on European Companies: We will address the impact of current and upcoming U.S. cybersecurity regulations on European companies in the U.S. supply chain, future trends, and related cautionary case studies.
Sessions:
Session 1 – Navigating cybersecurity incidents and insurance claims in the UK
This session will provide an in-depth analysis of managing cybersecurity incidents and the subsequent insurance claims within the UK legal framework. Attendees will explore best practices for incident response, including legal obligations for breach notifications and data protection compliance. The session will also cover the intricacies of cyber insurance policies, from coverage specifics to the claims process, and discuss how to effectively collaborate with insurers to mitigate financial and reputational damage following a cyber incident.
Session 2 – Cybersecurity and Financial Services in the UK and the EU
This session will explore the unique cybersecurity challenges faced by the financial services sector in the UK and the EU. Attendees will gain insights into the regulatory frameworks governing cybersecurity in both regions, including the EU/UK GDPR, the NIS Directive/UK Regulations, and the EU Digital Operational Resilience Act (DORA). The discussion will cover best practices for protecting sensitive financial data, managing cyber risks, and ensuring compliance with stringent regulatory requirements. Additionally, we will examine the latest cyber resilience regulations in the UK, such as the FCA and PRA guidelines on operational resilience, highlighting their impact on financial institutions as well as the new UK proposed Cyber Security and Resilience Bill.
Session 3 – 2024 CrowdStrike incident: Lessons learned
During this session will dig into the details of the 2024 CrowdStrike incident. The discussion will revolve around the cause of an incident that led to the crash of approximately 8.5 million Microsoft Windows systems worldwide. We will explore how this incident, considered the largest outage in the history of information technology, unfolded and the subsequent global disruption it caused across various sectors. Finally, Oliver will highlight the lessons learned from this incident and discuss measures to prevent, or mitigate, similar events in the future. This analysis aims to provide valuable insights into the importance of robust cybersecurity measures and the potential consequences of their failure.
Session 4 – Briefing on the Impact of U.S. Cybersecurity Regulations on European Companies
There is a proliferation of new cybersecurity regulations in the United States that are impacting British and European companies in the US supply chain. This briefing will explore those regulations that are present, those that are coming, the future trends and their impacts. We will also explore a couple of case studies that are cautionary tales for European companies.
Why is this event important?
The Society for Computers and Law invites lawyers and cyber professionals to an exclusive Cybersecurity Masterclass, where we will equip you with the knowledge and expertise to advise your clients with the utmost confidence on the ever-evolving landscape of cybersecurity.
Individuals, companies, and governments face an incessant and escalating threat to the security of their data, systems, and infrastructure. In this digital age, the stakes are higher than ever, and organisations must be fully prepared to thwart, respond to, and rectify cyber vulnerabilities. As a senior lawyer, your clients rely on your guidance to navigate these treacherous waters and emerge unscathed.
Who should attend this event?
- Cybersecurity and Data protection Lawyers (in private practice and in-house)
- IT Law academics and students
- Cyber and Tech sector professionals & managers who need to understand cybersecurity
- Anyone interested in cybersecurity
Speaker bios:
Arran Roberts
Arran specialises in cyber liability and data risk and is a part of Kennedys’ breach response team, where she deals with incidents including ransomware and business email compromises. Arran routinely advises insurers and corporate entities across a variety of sectors on all aspects of incident response, including regulatory investigations, data subject obligations and resulting data subject litigation. She is often involved in multi-jurisdictional breaches in conjunction with Kennedys’ worldwide offices. Arran also advises clients from a wide range of industries in relation to data privacy and the application of the legislative and regulatory framework to their operations.
Oliver Price
Oliver Price is a Director in S-RM’s cybersecurity practice. Having held roles as Head of Incident Response he has heled organisations respond to and recover from major cyber incidents for over 10 years. This has included the response to global ransomware incidents, investigation of attacks on financial institutions by North Korea’s Lazarus Group and the targeting of national health infrastructure during the novel COVID pandemic. Before that he held a number of IT infrastructure positions in the network engineering and architecture domains.
Ann McManus
Ann is a New York qualified and internationally educated lawyer who leads FIS’ Privacy Legal and Privacy Incident Management teams. She is also FIS UK DPO. She was shortlisted: Women in Governance, Risk and Compliance Awards – Chief Privacy Officer of the Year 2022.
Eric Crusius
Eric Crusius is an attorney and partner at Holland & Knight and is a member of the Firm’s government contracts and Global Cybersecurity and Privacy Policy and Regulation teams. In his role, among other things, Eric advises companies on their cybersecurity regulatory obligations, counsels companies dealing with cybersecurity incidents, and guides companies through compliance requirements. He is an industry thought leader with respect to these issues having appeared on Government Matters, Federal News Network and featured at conferences to provide insight to the greater contractor and international community.
This event is hosted and sponsored by Mayer Brown.
Administration notes:
Fees:
£200 + VAT (£240) for SCL members
£400 + VAT (£480) for non-members
To enquire about SCL membership and receive the discounted fee, please email hello@scl.org.
Booking terms and conditions:
Please refer to SCL’s full event terms and conditions here.
Registration and attendee arrival:
Registration for this event starts at 1:00 pm.
Joining details:
For in-person events, you will receive joining details within 24 hours of the event. For online events, we will send the Zoom link on the morning of the event.
Recording:
This event will also be recorded and the recording will be available to delegates shortly afterwards.
Event Booking Form for Your Internal Use
If you require internal sign-off in order to attend events and training, please go to our Internal Booking Form page to download your form.
The form contains essential information about the event, including speakers and content, why you should attend and the intended learning outcomes.
Non-members wishing to join the Society are entitled to membership of the Society valid for 12 months from the date of payment including full access to the content of the SCL web site www.scl.org, the SCL magazine “Computers & Law” plus reduced fees for training events where a fee is applicable. The cost of an annual SCL membership is £165.00. If you have any queries about SCL membership please contact the SCL office on Tel: 07948517049 or Email: hello@scl.org
Free membership for trainee lawyers and UK students:
SCL provides free membership for trainee lawyers until qualification and for UK students in full-time education with a valid ac.uk email address. Student members are eligible to attend SCL events at concessionary rates where a fee is applicable. Trainee members are entitled to attend SCL events at the standard members’ rate (the concessionary rate for UK students in full-time education does not apply). Trainees and UK students in full-time education can apply to join SCL for free by emailing hello@scl.org
SCL – Tech Law for Everyone The leading educational charity for the tech law community
Society for Computers and Law A company limited by guarantee 1133537 Registered Charity No. 266331 VAT Registration No. 115 4840 85 Registered in England and Wales Registered office: Unit 4.5, Paintworks, Arnos Vale, Bristol, BS4
