There is no greater challenge in business today than in protecting your data. To paraphrase an increasingly popular quote, there are two kinds of companies in business today—those who know they’ve been hacked, and those who’ve been hacked and don’t know it. This course, presented by Anthony Laura and Brian Cesaratto of Epstein Becker Green, addresses two natural questions of the day: what can a business do to secure its data, and what are the ramifications, whether regulatory or in litigation, of a data breach?
Security threats come from many angles—governmental espionage, unscrupulous competitors, identity thieves, and even the garage computer junkie. What measures can be taken to minimize this persistent risk? What safeguards do regulators suggest or insist upon? To what standards will courts hold you under common law and state statutes?
If you are alerted that your data has been breached, many jurisdictions impose upon your company an obligation to report the breach. What steps in addition to that can be taken to minimize the scope of the breach, and to minimize your company’s liability for the breach?
Anthony J. Laura is a Member of the Firm in the Litigation and Labor and Employment practices, in the Newark office of Epstein Becker Green.
Mr. Laura's experience includes:
Prior to joining Epstein Becker Green, Mr. Laura was a Partner in the New Jersey office of a large international law firm, where he focused on financial services and commercial litigation, employment law, government response and investigations, litigation and dispute resolution, toxic torts, and products liability matters. Before that position, Mr. Laura was a Partner at a top-15 international law firm and served as head of the firm's New Jersey Trial Practice Group.
Brian G. Cesaratto is a Member of the Firm in the Litigation and Employment, Labor & Workforce Management practices, in the New York office of Epstein Becker Green. His practice focuses on cybersecurity and data privacy, computer and electronic data misappropriation, breach and forensics, technology and software licensing, internal and law enforcement investigations, and litigation.
Mr. Cesaratto is a Certified Information Systems Security Professional (CISSP). He was awarded this information technology security audit certification by the International Information Systems Security Certification Consortium (see www.isc2.org). He is a Certified Ethical Hacker (CEH), a certification awarded by EC-Council, the world's largest cyber security technical certification body. He is also a Certified CSF Practitioner, a designation given by the Health Information Trust Alliance (HITRUST), an organization that provides training to develop and maintain effective security programs for health care, life sciences, and other companies that comply with security laws, regulations, and standards, including HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, GDPR, and various other federal, state, and business requirements (including New York State Department of Financial Services cybersecurity regulations).
In his practice, Mr. Cesaratto has:
Mr. Cesaratto draws on a diverse legal background that includes private practice with national law firms, lengthy solo practice, and serving as an Assistant District Attorney in Bronx County, New York, where he directed investigations into financial fraud, identity theft, theft of intellectual property, credit card fraud, and consumer fraud. In addition to his CISSP and CEH certifications, he has completed extensive training courses in computer forensics software, including recovery of deleted electronic documents and indicia of unauthorized data transfer.
Thank you for your thoughtful presentation.
Thank you for a superb program -- knowledgeable, thorough, and clear. The conversation format made for a lively presentation.