4 November 2021

Cyber Law & Risk Symposium Agenda


4 November 2021


University of San Diego, Shiley-Marcos School of Engineering



Cyber Law & Risk Symposium Agenda 

Thursday, November 4, 2021 

8:00am – 9:00am Registration, Networking & Continental Breakfast 

9:00am – 9:15am Opening & Welcome by Organizing Committee 

9:15am – 9:45am Keynote Address: Why Securing Your Business is a Matter of National Security 

Speaker: Andrew Serwin, Global Co-Chair, Data Protection, Privacy and Security Practice DLA Piper & Chairman, National Cyber Forensic Training Alliance 

9:45am – 10:40am Cyber Insurance: The Only Constant is Change 

Moderators: Scott Takaoka, Stroz Friedberg 


  • Steve Pacheco, Head of US Cyber and Tech E&O at Munich Re Specialty Group Insurance Services 
  • Chris Reese, Head of Insurance, Cowbell Cyber 

Session Focus: Cyber insurance is a critical component of a sound enterprise risk management program. However, “buying” cyber insurance has become “qualifying” for cyber insurance, based on a range of insurance industry’s cyber controls. Business owners, and their chief technologists face the dilemma of rising premiums, increased retention, reduced coverage AND investing more in network security just to qualify. Join our panelists who will provide insight and actionable guidance into navigating this labyrinth. 

10:40am – 11:00am Shining Light on the Dark Side: Threat Intelligence Sourced from the Deep & Dark Web 

Speakers: Discussion & Demonstration by Ankura Cyber Threat Analytics & Pursuit Team (CTAPT) 

Session Focus: Take an in-depth tour of the dark web, see how it has changed over the past twelve months, and how it is presently being leveraged by sophisticated adversaries to communicate with each other, disseminate malicious tools, stage operations, and shame victims. During the session, CTAPT will actively log into forums and marketplaces frequently leveraged by these adversaries which are typically closed off to unvetted visitors. Also learn how businesses and lawyers are leveraging this intel before, during and after a cyber-event. 

11:05am – 12:00pm Mocking the Cyber Privilege: Motion to Compel a Forensic Investigation Report 

Mock Trial: Honorable Mitchel Dembin, U.S. District Court Magistrate will preside over this mock trial to examine the attorney client privilege and attorney work product doctrine in a fun and fictitious data breach. Hear compelling arguments from both Plaintiffs and Defendants about why breach investigations should (or should not) be privileged. The trial will include a direct and cross examination of Jonathan Fairtlough, a forensic investigation expert that will shape civil breach litigation for years to come. 

12:00pm – 1:00pm Outdoor Networking Lunch – “Little Italy” 

1:00- 1:30pm Keynote Address from Washington DC: A Message to Businesses from the Department of Homeland Security on Protecting Our Way of Life 

Speaker: Jonathan Meyer, General Counsel, United States Department of Homeland Security 

1:30- 1:45pm Public/Private Partnership & Information Sharing: Official Induction of San Diego InfraGard’s Cyber Council 

Session Focus: Cyber Council is a first of its kind group of community cyber leaders convened to foster public and private cyber information sharing. The Council will centralize and provide cyber information and resources for InfraGard members to address cyber threats and reduce risk to critical infrastructure. The Council is part of InfraGard San Diego. InfraGard’s mission is to “promote ongoing dialogue and timely communication between InfraGard members and the FBI—specifically concerning the security of, vulnerabilities in, and threats to critical infrastructure entities.” 

1:45pm – 2:40pm Building a “Reasonable Security” Program: Proactive & Reactive Cyber Services 

Moderator: Justine Phillips 


  • Anne Blake-Dreher, Vice President and Assistant General Counsel, Perrigo Company 
  • Heath Quackenbush, Vice President and Assistant General Counsel, Perrigo Company 
  • Toni Millican, Senior Director, Information Governance & Data Protection, Trinity Industries 

Session Focus: New and evolving cyber laws and regulations require businesses to build a defensible and reasonable security program. Hear perspectives from in-house teams about which regulations or frameworks to follow, what to do proactively in preparation for reactive scenarios, properly evaluating/transferring risk in M&A transactions, and practical ways to manage and communicate cyber risk. 

2:35pm – 2:45pm Refreshment Break 

2:45pm – 3:35pm Perspectives from the FBI: The Frontlines of Cyber War 

Moderator: John Caruthers 


  • Suzanne Turner, FBI Special Agent in Charge, San Diego 
  • Nick Arico, Supervisory Special Agent San Diego Cyber Division 
  • John “Jack” Bennett, Managing Director, Cyber Risk Kroll 

Session Focus: Current FBI San Diego Special Agent in Charge Suzanne Turner will engage in a fireside chat with Former FBI Los Angeles Assistant Director in Charge John (aka Jack) Bennett, covering a range of relevant and insightful topics. Leading large organizations through adversity, recognizing the value of Public/Private partnerships, and rarely heard war stories from the FBI’s front lines will be discussed. You do not want to miss this riveting session! 

3:35pm – 4:30pm Sky’s the Limit: Supply Chain Cyber Risk & Vendor Management 

Moderator: Cathy Mulrow-Peattie, Of Counsel, Loeb & Loeb 


  • Douglas Foulds, IBM CISO Vulnerability Management 
  • Bert Kaminski, Direct, Legal, Google Cloud 
  • Tim Yim, Senior Director Privacy at Snowflake 

Session Focus: Our IT infrastructure depends on third party vendors whose services exist in the cloud. Weakness and vulnerabilities in the supply chain can create persistent and catastrophic cyber risk globally. Hear from a panel of cloud, legal and vulnerability management experts on how to reduce disruptions and build resilience into your relationships with your supply chain cloud providers. 

4:30pm – 4:40pm Bridges to Babylon: Automating Incident Response 

Speakers: Rebecca Perry, Exterro’s Director of Strategic Partnerships 

Session Focus: See how new technology can bridge the gap between Information Security, IT and your Legal team by automating breach response. 

4:45pm – 5:00pm Everything Connects to Everything: Closing Statements 

Organizing Committee Statements 

5:00pm – 6:30pm Cocktail Reception