Law and Technology

Cybersecurity and Data Privacy Law Conference


Virtual Conference

Past Event

MCLE Credit will be available

Details for connecting to the conference will be sent after you register.

Please contact Brandon White for questions.

Registrar: +1.972.244.3404
ILT: +1.972.244.3410
Fax: +1.972.244.3401


Presented by the Institute for Law and Technology, this conference brings together cybersecurity professionals from the region and around the country to provide education to in-house and private practice attorneys on cybersecurity legal issues.

Details for connecting to the virtual conference will be sent after you register.

Conference Co-Chairs

James O. Holley
Ernst & Young LLP
Mark L. Krotoski
Morgan, Lewis & Bockius
Shawn A. Morgan
Steptoe & Johnson PLLC
Shawn E. Tuma
Spencer Fane LLP

Schedule and Faculty

Conference Theme: Embracing challenges and opportunities: learning new ways to work while understanding new risks and obligations around protecting data

Wednesday, September 9

9:00 am

Welcome & Introductory Comments

9:15 am

Keynote: Data and Goliath

  • Professor Bruce Schneier, Harvard Kennedy School, Cambridge, Massachusetts
You are under surveillance right now. Your cell phone provider tracks your location and knows who's with you. Your online and in-store purchasing patterns are recorded, and reveal if you're unemployed, sick, or pregnant. Your e-mails and texts expose your intimate andcasual friends. Google knows what you're thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices were offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches. Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we've gained? Security expert Bruce Schneier offers another path, one that values both security and privacy.

9:45 am

Transition Break

9:50 am

Current Risks & Attack Trends: What We Learned (And Are Learning) During The COVID-19 Pandemic About Cybersecurity & Data Privacy

Moderator: Janice Z. Davis, Morgan, Lewis & Bockius LLP, Dallas, Texas


  • Ed Cabrera, Trend Micro
  • Art Ehuan, The Crypsis Group, McLean, Virginia

10:50 am


11:05 am

Overview Of Recent Legal Updates And Pending Laws—Federal And State: Where They Overlap And Where They Diverge

  • Craig C. Carpenter, Thompson & Knight, Dallas, Texas
  • Lisa Buursma, BISSELL Homecare, Inc., Grand Rapids, Michigan

11:50 am

Break & Lunch On Your Own

12:45 pm

California Consumer Privacy Act (CCPA) & California Privacy Rights Act (CPRA)

Moderator: Brett Cook, Wells Fargo, Dallas, Texas


  • Mary Stone Ross, MSR Strategies, San Francisco, California
  • Jeewon Serrato, Baker & Hostetler LLP, San Francisco, California
  • Lisa B. Kim, California Department of Justice, Los Angeles, California

1:45 pm

Transition Break

1:50 pm

Ransomware Response

Moderator: David Navetta, Cooley LLP, Broomfield, Colorado


  • Brett Leatherman, Federal Bureau of Investigation
  • Nathan Little, Tetra Defense, Madison, Wisconsin

2:50 pm


3:05 pm

Cyber Risk Quantification, Part II

  • James O. Holley, Ernst & Young LLP, Dallas, Texas

3:50 pm

Wrap Up, Recess & Transition To Networking Session

Thursday, September 10

9:15 am

Welcome Back & Overview Of The Day

9:30 am

The Blurs Between Privacy And Cybersecurity: A New Version Of The World

  • Dr. Gavin W. Manes, Avansic, Tulsa, Oklahoma
  • Nicola Hobeiche, KidKraft, Inc., Dallas, Texas

10:15 am

Transition Break

10:20 am

Federal Regulatory Update

Moderator: Mark L. Krotoski, Morgan, Lewis & Bockius, Palo Alto, California


  • Dama J. Brown, Federal Trade Commission, Southwest Region, Dallas, Texas
  • Scott F. Mascianica, U.S. Securities and Exchange Commission, Fort Worth, Texas
  • Vaniecy Nwigwe, Office for Civil Rights, Southwest Region, Dallas, Texas

11:20 am


11:35 am

Using Cyber Insurance In Incident Response Planning And Preparation

Moderator: Shawn E. Tuma, Spencer Fane LLP, Plano, Texas


  • Steven H. Anderson, QBE North America, Plano, Texas
  • Jarrett W. Kolthoff, SpearTip, St. Louis, Missouri

12:35 pm

Break & Lunch On Your Own

1:15 pm

Midday Keynote Presentation: NIST Privacy Framework Version 1.0

  • Dylan Gilbert, National Institute of Standards and Technology (NIST), Gaithersburg, Maryland

As the Internet and associated information technologies drive unprecedented innovation, economic value, and access to social services, the amount of data about individuals that is changing hands is nearly incalculable. Many of these technological advancements are powered by individuals’ data flowing through a complex ecosystem. Finding ways to continue to derive benefits from data while also protecting individuals’ privacy is challenging and not well-suited to one-size-fits-all solutions.

To enable better privacy engineering practices and help organizations protect individuals’ privacy, NIST developed the Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Privacy Framework) following a transparent, consensus-based process including both private and public stakeholders. The voluntary Privacy Framework is a flexible tool intended to be widely usable by organizations of all sizes and agnostic to any particular technology, sector, law, or jurisdiction.

2:15 pm

Transition Break

2:20 pm

How Do You Put A System Of Controls In Place When Your Target Keeps Moving?

Moderator: Michelle A. Reed, Akin Gump Strauss Hauer & Feld LLP, Dallas, Texas


  • Wendy Bozzolasco, Sun Power Corporation, Austin, Texas
  • Shereen El Domeiri, Saraiya PLLC, Plano, Texas
  • Nicola Hobeiche, KidKraft, Inc., Dallas, Texas

3:20 pm


3:35 pm

The Legal Implications Of Extended Work From Home Arrangements (includes 15 minutes legal ethics—participants must be present for entire session to receive ethics credit)

  • Paloma Z. Ahmadi, Haynes and Boone, San Antonio, Texas
  • Tim Newman, Haynes and Boone, Dallas, Texas

4:35 pm

Closing & Adjournment


  • "Fantastic speakers on interesting topics"
  • I liked best "The outstanding quality of the faculty and information provided."
  • "Timely, thought provoking"
  • "I know that I graded each speaker as a "5," but that was earned. This has been one of the best conferences I have ever attended."
2019 Conference Attendees

CLE Information

Texas Course Number 174093892. This course has been approved for Minimum Continuing Legal Education credit by the State Bar of Texas Committee on MCLE in the amount of 10.75 credit hours, of which 0.25 credit hours will apply to ethics/professional responsibility credit.

This online program has not been approved for MCLE credit in any other jurisdictions. If requested by attendees, CAIL will request accreditation in California, Louisiana, Oklahoma, New Mexico, Ohio and Pennsylvania. Accreditation has not been sought or approved in these jurisdictions at this time.  MCLE credit will not be requested in any other jurisdiction.

Although attendees may be able to request MCLE credit directly in additional jurisdictions, the rules vary in each jurisdiction. Certain programs, subjects, and formats may not receive credit in certain jurisdictions and there may be specific rules regarding who may earn credit or the maximum number of credit hours that may be earned with specific formats. Please contact your jurisdiction’s MCLE regulatory entity for specific questions about its MCLE rules.

Other Information

We will be using a third party platform to host the webinar/event. By registering for this event, your email address and personal information will be used by the webinar organizer to communicate with you about this event and other services.

Press Policy

This conference is held under the Chatham House Rule. Participants, including journalists, are free to use any information received, but comments may not be attributed to any speaker identified by name or affiliation.

Nondiscriminatory Policy

The Center for American and International Law does not discriminate on the basis of race, color, sex, religion, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other protected status in educational activities, scholarship programs or admissions.

Privacy Policy

We do not sell or rent information to any outside parties. By providing your information, you will receive postal and electronic communications from the Institute for Law and Technology (ILT) of The Center for American and International Law (CAIL) in accordance with CAIL's Privacy Policy. If we co-sponsor a program with another organization, information may be shared between the parties. All such co-sponsors will be identified on the event details and registration page. At any point, you can opt-out or unsubscribe by selecting either link at the bottom of each email or call us at 972.244.3400.

Headline Sponsors