Join this interactive session featuring Lowenstein Data, Privacy & Cybersecurity Chair Amy S. Mushahwar during the American Conference Institute's 2nd Cybersecurity Law & Compliance Conference to gain a practical understanding of the patchwork of federal, state and industry regulations. Under the SEC’s newly adopted cybersecurity risk management rules, public companies are now required to disclose a cyber breach publicly and within four days. This session will unpack the practical implications of the rules and key missteps to avoid:
Part One: Federal Regulations
- Setting the highest standard to satisfy government regulations and protect the company
- Implementing regulations into our policies and procedures
- Understanding the patchwork of requirements including deadlines
- SEC’s expectations for incident reporting within four days, and specifically the expectation for a Form 8-K and Form 10-K filing
- Updating initial reports, and what is expected in follow-up reports
- Defining a “material” cybersecurity incident as reaching a threshold reasonable investors consider important to their decision-making
- Assessing the incident effects, remediation efforts, cyber insurance impacts, and estimated costs of a breach
Part Two: Complying with State, Federal and Industry Specific Requirements
- Identifying what is being regulated, where there are similarities, differences and gaps between the regulations
- Meeting reporting obligations and communicating to the different state regulators
- Determining if and how the emerging regulations will curtail business operations
Speakers:
- Amy S. Mushahwar, Partner; Chair, Data, Privacy & Cybersecurity, Lowenstein Sandler LLP
Time: 9 a.m.-12:30 p.m. ET
Location: Hilton Arlington, 950 N Stafford St, Arlington, VA 22203
*This event is open to the public but requires a registration fee.
