Cybersecurity for In-house Legal Counsel Seminar

Monday, October 26, 2020

In-house legal counsel play an important role in managing and mitigating an organization’s cyber risk. Cybersecurity is complicated and important, and most in-house counsel are asked to learn it on the fly.  This seminar was created to help in-house counsel understand the legal constructs and terminology widely used within the cybersecurity space, and to provide practical ways they can be more responsive and efficient when cyber issues arise.  This discussion will also be valuable to outside counsel in the technology space, and privacy officers looking to better understand how legal risk and cyber risk can be managed together.  You will walk away better prepared to understand and manage cyber risk.

Learn from subject matter expects who delve deep into topics such as:

Ticket to seminar also includes option to attend two Monday morning technical sessions.

Following the seminar, explore resources from our solution strategy providers and establish new professional relationships during the Virtual EXPO Hall Opening from 3:30 – 5:00 p.m.


12:30 – 1:15 PM
Speaking the Language of IT and Security
IT and security professionals often use technical jargon that in-house attorneys might not understand yet carries tremendous risk implications to an organization.  Our speakers will define many of these key terms and provide you with a working knowledge of some basic technology and security terms and issues. You will leave this session better able to communicate with IT and security professionals and advise your internal clients.

Speaker: Shawn Fleury, Director, Risk Management, The Crypsis Group

Session supported by

1:20 – 2:05 PM
Legal Overview and Key Cyber Risks for Businesses
In this interactive session, our speaker will walk through the laws, regulations, standards and best practices affecting not only an organization’s obligations but its opportunities with its most powerful asset:  Its Data. You will gain a foundational knowledge of the governance requirements for data privacy and security, and a playbook for approaching privacy and security both proactively and reactively. 

Key Learnings:

CLE Credits: The seminar sponsor, Taft, will be requesting 3 hours and 15 minutes of CLE credits in Minnesota, Wisconsin, Iowa, Ohio, and other jurisdictions as requested by registrants.

Attendee Takeaway Item: “Playbook” of actions/follow-up steps that counsel can take when they return to their companies.

Speaker: Scot Ganow, CIPP/US, Chair Privacy & Data Security Practice, Taft Stettinius & Hollister LLP

Session supported by:

2:10 – 2:55
Panel Discussion: Governance and Working Relationship Considerations in Privacy and Data Security

Our panel discussion will explore how governance structures and relationship building within the C-suite can drive success in meeting privacy and security goals.  The way in which privacy and security professionals are slotted into organizational hierarchies can impact their ability to drive positive outcomes for the business. In addition, working relationships matter—especially when a crisis hits—and good communications strategies can pay dividends.  This panel discussion will delve into these issue from several perspectives and help you interact with security professionals and advise your clients on governance, reporting, and chain of command issues.

Panelists: Aditya C. Bharadwaj, General Counsel, Ascentis Human Capital Management Software; Jerrod Montoya, Deputy Chief Information Security Officer/ Project Manager, OATI; Milinda Rambel-Stone, Chief Information Security Officer, Provation Medical

Moderator: Phil Schenkenberg, CIPP/US, Partner, Litigation & Cyber Security, Taft Stettinius and Hollister LLP

3:00 – 3:30 PM
Best Practices for Managing Cyber Risks in the Contracting Process
As the financial, regulatory and reputational risks arising from misappropriation of data continue to crystalize each year, many organizations are seeing data privacy and cybersecurity obligations become part of the required risk mitigation and insurance provisions within a wide variety of contracts. Our speaker will discuss ways to identify these obligations within boilerplate contract language, distill what these obligations mean, and determine how best to prepare your organization to comply with what are rapidly becoming expected contractual norms.

Speakers: Brett Hebert, Associate, Business Law & Data Security, Taft Stettinius and Hollister LLP; Maggie Lassack, Privacy and Cyber Security Counsel at Polaris Industries

3:35 – 4:05 PM
Crisis Management Considerations
In-house attorneys need to be prepared to deal with crisis situations that arise out of cyber incidents. In this session, we will get you ready for such a crisis by working through a checklist of action items, discussing the scope of the attorney client privilege, and providing communication strategies.

Speaker: Elizabeth Stevens, Crisis Management Director

Thank you to our In-house Legal Counsel Host

Thank you to our In-house Legal Counsel Supporter

Sponsorship Opportunities

To learn about available sponsorship opportunities, contact Jennifer Churchill at 763-548-1306 or

Committee Members

Phil Schenkenberg, CIPP/US, Partner, Litigation & Cyber Security, Taft Stettinius and Hollister LLP

Samuel Aintablian II, Associate Counsel, Minnesota Vikings Football, LLC
Madeleine Findley, US Privacy Counsel, Medtronic
Scot Ganow, CIPP/US, Partner, Chair Privacy & Data Security Practice, Taft Stettinius and Hollister LLP
Susan Gelinske
, Director, Risk Management and Associate General Counsel, The Opus Group
Brett Hebert, Associate, Business Law & Data Security, Taft Stettinius and Hollister LLP
Jerrod Montoya, Deputy Chief Information Security Officer/ Project Manager, OATI
Ken Stieers, Security Engineer, The Opus Group