Advising Corporate America on Preventing Cyber Attacks

(170 Ratings)

Produced on: December 02, 2016

Course Format On Demand Audio

Taught by


Course Description

Time 60 minutes
Difficulty Intermediate

After reading hundreds of business articles over the last few months, any reasonable business person will likely conclude that 2017 will be the year of Big Data – the year that such data will drive corporate brands, corporate profits and customer experiences. Those companies that handle big data with skill and agility will generate tremendous profits, goodwill and success. Those that do not will…..well… they will either skulk along at subsistence level, or face extinction as the strong companies inherit and consume the weak. Knowing that big data will rule the world, what else will rule the world? Good cybersecurity and cyber governance.

Given that the United States is facing today a cybersecurity skills shortage of epic proportions, any reasonable cybersecurity strategy will likely be composed of two major elements: (1) adherence to some regulatory cybersecurity and data “framework” that every business and executive can follow and execute to their company’s benefit, and (2) an artificial intelligence and machine learning cyber defense strategy that will protect the company’s most important data and intellectual property assets – its “crown jewels.” Today, with the enormous amount of data any company will create a day, let alone the amount of traffic and information that companies receive from vendors, customers, investors and other trusted parties, a company’s IT department can be overwhelmed with the amount of cybersecurity alerts that need to be investigated. The sea of data and data points of contact (called endpoints) is literally incalculable. We humans are overwhelmed with data. Along with a basic cybersecurity and data framework that all can follow, AI and Machine learning solutions can be put in place to help companies secure their data, and help the company’s IT staff become “super-human” incident responders. Today’s solution might even be able to help kick an attacker off your client’s network before he or she can do damage or steal anything, both of which will cause you and your client not only an incredible headache, but also reputational harm and damage (along with other problems like regulatory and civil litigation). 

Learning Objectives: 
  1. Advise your client to adopt the National Institute of Standards and Technology Cybersecurity Framework (“the Framework”)
  2. Educate your clients on the immediate benefits to their organization of adopting the Framework
  3. Learn how to evaluate the adoption of an AI and Machine Learning Defensive Cybersecurity platform to protect your client’s IP and IT assets (including endpoint protection)
  4. Create your client’s data security strategy for 2017


Paul Ferrillo

Weil, Gotshal & Manges LLP

Paul Ferrillo is counsel in Weil’s Litigation Department, where he focuses on complex securities and business litigation, and internal investigations. He also is part of Weil’s Cybersecurity, Data Privacy & Information Management practice, where he focuses primarily on cybersecurity corporate governance issues, and assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements which govern them.

Mr. Ferrillo regularly counsels clients on cyber-governance best practices (using as a base the NIST cybersecurity framework), third-party vendor due diligence issues, cybersecurity regulatory compliance issues for private equity, hedge funds, and financial institutions that have been promulgated by the SEC, FINRA, the FTC, and the FDIC/OCC, the preparation and practicing of cybersecurity incident response plans, as well as evaluating and procuring cyber-liability insurance to protect against losses suffered by companies as a result of the theft of consumer or personally identifiable information, or as a result of the destruction of servers and corporate infrastructure.

Outside of his litigation and D&O insurance practice, Mr. Ferrillo is a prolific writer, speaker, and commentator on a wide range of subjects. He is a frequent contributor of articles concerning securities, corporate governance, and accounting fraud issues to the New York Law Journal, D&O Diary, Harvard Law School’s Forum on Corporate Governance and Financial Regulation, and other national publications and forums, and is a frequent speaker on securities law, corporate governance, and directors’ and officers’ liability insurance issues for the ALI-ABA, the New York State Bar Association, the American Conference Institute, NACD, and the Directors’ Roundtable. Mr. Ferrillo also is a co-editor of and contributor to The 10b-5 Guide, Weil’s annual review of securities fraud litigation in the United States.

Mr. Ferrillo received his B.S., and later, his J.D., from St. John’s University.


john a redmon r.

good program

Thomas C.

Thank you, the material went beyond what most other presentations offered.

Bethanne H.

Very interesting and practical.

Marshall V.

Critical and contemporary information - very good job.

Arthur O.

great course.

Sharon P.


Julie A. B.

Timely topic.

Load More


$ 59 Science & Technology Law and Privacy & Cybersecurity In Stock


Get Unlimited Access to Lawline Courses

Unlimited CLE Subscription gives you access to take almost any course from our catalog and earn as much CLE credit as you need.