Common Cyber Threats and How to Reduce Risk

Sarah W. Anderson | SWA Law LLC

Sarah W. Anderson owns SWA Law LLC and LegallyCyber.com, representing public and private entities on cyber incident response, regulatory compliance, the implementation of enhanced cybersecurity practices, and contract negotiations involving technology products and services. Sarah teaches seminars on cybersecurity law across the United States, for non-profits, trade associations, and government entities.

Assisting with over 100 cyber incident responses, Sarah advises leaders and technology professionals on preventing and mitigating liability before, during, and after a cyber incident. Sarah proudly promotes awareness of technical and legal cybersecurity matters on www.LegallyCyber.com.

Prior to founding SWA Law, Sarah was in-house counsel with a technology nonprofit and a “big law“ equity partner, focused on toxic tort and property litigation.

Sarah is licensed to practice in Louisiana, Pennsylvania, Illinois, and Texas. Sarah is also the former chief legal counsel for the State of Louisiana ESF-17 (cyber incident response). Sarah is also a veteran, serving in the U.S. Army Reserves at the rank of Lieutenant Colonel. Sarah is the former Cyber Law Judge Advocate for the Louisiana Army National Guard and legal liaison for the Louisiana Cybersecurity Commission.

Julian Mahfouz | SWA Law LLC

Julian is an associate at SWA Law LLC and is a Certified Information Privacy Professional (CIPP/US). Julian assists firm clients with privacy and cybersecurity legal needs and is a frequent author on LegallyCyber.com. Despite his short tenure as an attorney, Julian is already consulting for state and federal agencies on cybersecurity and social media law matters.

Before beginning his career, Julian attended both undergraduate and law school at Louisiana State University, where he was an active participant in their esports club and former law clerk for SWA Law LLC. Julian is semi-professional gamer, frequently traveling across the country to participate in esports tournaments. Before moving to Baton Rouge to complete his undergraduate and post- graduate education, Julian lived in New Orleans with his younger brother and parents. Julian attended Jesuit High School, where he founded the video games club and was a member of the Jesuit FTC robotics team. Julian is the son of two service members, and attributes his success to strong ideals instilled by his parents.

I. Importance of Cybersecurity | 1:00pm – 1:30pm

• Legal compliance
  • Regulated data
• Contractual due diligence
  • M&A
  • Public disclosures
• Minimum network requirement

II. Common Cybersecurity Threats | 1:30pm – 2:00pm

• Types of bad stuff
  • Bots
  • Trojans/malware
  • Crypto mining
  • Ransomware/extortion/sextortion
  • Reporting to authorities
  • DDOS
  • Spyware
  • Phishing/spear phishing
  • Credential harvesters
• Insider threats
  • Case studies
• Business email compromise
  • Case studies on liability sharing
• Rogue vendors

Break | 2:00pm – 2:10pm

III. Third-Party Risk Management | 2:10pm – 2:30pm

• Risks/case studies
• Vetting technology vendors
  • Special concerns for A.I. products
• Contractual requirements for technology vendors

IV. Reducing Risks for Law Firms and Clients | 2:30pm – 2:50pm

• Case studies
• Blocking websites
• Cyber incident response plans
• Minimum insurance requirements for financial coverage
• Network configuration
• Preserving privilege

V. Conclusion – Key Takeaways | 2:50pm – 3:10pm