The Lawyer’s Guide to Navigating Data Breaches: Vendor Risks

· July 3, 2023
Current Status
Not Enrolled
Get Started

In today’s digital age, businesses of all sizes and industries increasingly rely on technology to communicate with clients and store user data or intellectual property. This dependence can also mean third-party vendors, from gardeners to cloud providers, can pose a security risk. Vendors often have less strict security practices than larger clients while having privileged access to sensitive data or systems. Attorneys advising boards and managing law firms should have a thorough understanding of this critical and developing area of risk and liability. As regulations continue to develop and enforcement measures stricter, businesses must ensure that they employ the proper security measures both internally and with third parties, as “function can be outsourced, but not risk.” This seminar will help equip attorneys to assess and manage third-party risk and contracts, as well as advise clients on the importance of thorough vendor risk monitoring to ensure that they are complying with the relevant security standards.  

  • Attorneys advising boards and managing law firms must have a thorough understanding of this area of risk and liability to effectively advise clients on how to mitigate these risks and prepare for an increasingly common phenomenon. 

In part 1 of this CLE webinar, our expert panelists begin by explaining what data breaches are and how they happen. Our speakers then give an overview of the data breach risks that third-party vendors pose. Together, our speakers discuss the policies that businesses should establish across management policies and procedures. Our panelists conclude by assessing the current legal landscape and recent litigations regarding third-party vendor data breaches. 

Topics covered in this webinar:    

  1. Data Breaches 101  
  1. Data Breach Risks from Third-Party Vendors  
  1. Policies to Reduce Vendor Cyber Risks 
  1. Regulatory Landscape and Recent Litigation 

In part 2 of this webinar, our expert panelists begin by discussing the questions organizations should ask third-party vendors when informed of a data breach. Next, our speakers break down the steps to understanding and evaluating contracts during breaches, as well as reviewing breach notification clauses and author preventative contractual provisions. Finally, they provide some of the key elements to prevent vendor risks, sharing their expert opinions to highlight the value of incorporating cybersecurity practices into corporate governance and culture, as well as taking rigorous preventative measures.  

Topics covered in this webinar:    

  1. Questions to Ask When Informed of Vendor Data Breach  
  1. Steps to Understanding and Evaluating Contracts During Breaches  
  1. Ways to Reduce (Vendor) Cyber Risks 

Featured Speakers:

Daniel B. Garrie, Esq. – Founder, Law & Forensics; Neutral, JAMS; Faculty, Harvard

Amie Rooney – Associate General Counsel, Ethics & Compliance Marvell Technology, Inc.

George Pierce – Chief Legal Officer, Senior Vice President & General Counsel, Toyota Tsusho America, Inc.

David Hamilton – Managing Counsel, Global Privacy, Fiserv

Stacy Harrison – Partner, Orrick, Herrington & Sutcliffe LLP​

Shawn Tuma – Partner, Spencer Fane LLP​

Joseph Santiesteban – Partner, Orrick, Herrington & Sutcliffe LLP

Brian Levine – Managing Director, Cybersecurity and Data Privacy, Strategy and Transactions, Ernst & Young

Not Enrolled

Course Includes

  • 2 Lessons
  • Course Certificate