On Demand
Audio
Cybersecurity & The Energy Sector: Managing Escalating Risks
Produced on June 07, 2018
Course Information
Course Description
We have continued to see a rise in attempted attacks on energy infrastructure using malicious software and other cyber weapons. Recent examples include the May 2017 Wannacry cyberattack that affected companies and governments worldwide, which was followed closely in June 2017 by Petya (which hobbled online controls and critical systems at Chernobyl), and significant havoc caused by “NotPetya” in January 2018. Adding fuel to the fire, the proliferation of ransomware has further incentivized would-be cybercriminals by introducing the potential for financial gains.
As the energy sector grapples with how to protect itself against evolving threats, what do companies need to know about their legal obligations and potential liability? The increasing probability that an attack will result in devastating consequences has raised the profile of cyberinsurance as a necessary component of security risk management, but what else should businesses be doing? In this presentation, BakerHostetler Partner Melinda McLellan and Associate Sara Goldstein will provide information, analysis, and insights to help energy sector entities understand and navigate the risks and legal responsibilities associated with identifying and protecting against cyber threats.
Learning Objectives:
- Examine the latest cyberattacks on facilities and systems around the world and contrast these with previous incidents in terms of scope and complexity
- Review the evolving threat landscape, including new lines of attack, the role of ransomware, and vulnerabilities in aging infrastructure
- Analyze Trump’s May 2017 Executive Order on strengthening cybersecurity protections for critical infrastructure, and review proposed federal legislation on these issues
- Assess the costs of cyber attack fallout, from physical damage to assets and intellectual property losses to legal fees and remediation expenses
- Identify the steps organizations in the energy industry can take to better manage these cybersecurity risks and mitigate the impact of a cyberattack
Credit Information
This course is pre-approved for CLE credit in the following states. If your state is not listed, contact support for more information on how to receive credit
Faculty
Melinda L. McLellan
BakerHostetler
Melinda McLellan is a seasoned privacy and cybersecurity specialist currently focused on the regulation of emerging technologies and cross-border data protection law. As co-leader of BakerHostetler's EU General Data Protection Regulation (GDPR) initiative, Melinda works with multinational clients to identify, evaluate and manage the myriad compliance obligations associated with corporate privacy and information security practices. Her broader practice includes advising on a wide variety of complex privacy and data management issues, including biometrics, securing the Internet of Things, implementation of blockchain technologies, cybersecurity threats to the financial services and energy sectors, autonomous vehicles, genetic privacy, artificial intelligence, Big Data, managing information security incidents, and negotiating complex tech transactions.
Select Experience:
- Advises on compliance with international data transfer restrictions and data localization requirements, including through the implementation of cross-border transfer mechanisms such as the EU-U.S. Privacy Shield framework, standard contractual clauses, intercompany agreements and binding corporate rules.Advises clients on the development and implementation of enterprise-wide privacy and information security programs, including by creating employee privacy training modules and drafting company codes of conduct, policies, standards, procedures and guidelines related to the protection of personal data.
- Manages complex technology transactions on both the vendor side and the customer side, drafting and negotiating multiparty contracts and outsourcing agreements from the RFP through follow-up compliance assessments.
- Counsels clients on the legal implications of various data collection and analytics technologies, including facial recognition software, geolocation tracking and web-based tools used for behavioral and other targeted marketing purposes.
Sara Goldstein
BakerHostetler
Sara Goldstein focuses her practice on legal issues related to privacy and data protection. As the former vice president and general counsel of a large provider of release of information and disclosure management services, Sara was responsible for overseeing all of the company’s legal and compliance-related matters. This experience gives her a depth of knowledge regarding her clients’ needs, bringing a business-oriented perspective to her practice and allowing her to provide legal guidance that is realistic and practical for her clients.
Sara has authored a variety of industry-related articles in publications such as the Journal of the American Health Information Management Association(AHIMA), The Group Practice Journal, Compliance Today and RACMonitor.com. She has been invited to speak to organizations across the country about release of information, compliance with federal and state medical privacy laws, and breach prevention. She is also an adjunct professor of law at Drexel University, where she teaches a course on HIPAA and patient privacy.
Reviews
Excellent course--one of the best offered. The information covered is highly relevant for all. The conversational interaction between the presenters created a dynamic and interesting learning environment. I highly recommend this course.
Excellent program.
Very knowledgeable presenters!
thank you
Excellent presentation
Great presentation very interesting and informative.
Excellent and clear presentation
Informative and interesting presentation.
Excellent follow up to previous presentation
Excellent presentation.
This program was excellent. Very interesting examples and suggestions.
Alarming topic
Really well done!
A plus.
Culture Blog
Facebook
Twitter
LinkedIn
Youtube
Glassdoor