Vendor Vigilance: Navigating Legal Terrain in Cyber Risk Management
It is hard for businesses these days to avoid utilizing third-party vendors. They are a necessary component of any organization’s operations. Vendors are an efficient method of outsourcing services that would be too expensive or specialized for the business to carry out itself. Third party vendors, however, also bring forward a slew of risks with the data that they store and process for their services. And just because they are third parties does not make them any less susceptible to data breaches. In fact, vendors can pose the weakest link in protecting sensitive data, because they are often less technologically advanced, have fewer incentives to protect client data, and businesses have limited visibly to ensure they meet their safety standards. It is the responsibility of organizations to be proactive in setting the standards for the operations of their third-party vendors in order to preserve their reputation. This seminar will provide key insights for attorneys looking to understand the vulnerabilities associated with third-party vendors and how to assist their clients in staying ahead of the threat.
In this seminar, our expert panelists begin by introducing the cyber security landscape and the risks that many companies face when it comes to combatting data breaches. They underscore the threat third-party vendors can pose on the data they collect and process. Our panelists then go on to outline the various steps organizations can take to better protect their data when it goes into the hands of vendors. They emphasize the importance of managing the vendors and regularly conducting risk assessments. The panelists conclude by reviewing the current legal landscape and discussing a recent case that involved a vendor data breach to better understand how to implement best practices.

Our Mission is to bridge the knowledge gap between law and technology professionals by educating attorneys on technology to attorneys and technology executives on its laws and regulations. Legal Cyber Academy provides a comprehensive tool and evolving knowledge base through exclusive insights from world class cybersecurity, privacy, web 3.0, forensic, and e-discovery legal and technical practitioners. Earn CLE, CPE, and CE credits. (Refunds are available if you do not receive credit) At Legal Cyber Academy We recognize that technology, the cybersecurity threats it faces, and relevant laws and regulation are rapidly evolving, presenting unique challenges and opportunities. Our platform is dedicated to empowering legal professionals with the skills and understanding necessary to navigate the complex landscape of technology in their field, enabling them to effectively advise clients, draft contracts, and navigate legal implications in a technology-driven world. Simultaneously, we strive to equip technology professionals with the legal knowledge they need to make informed decisions, ensure compliance with regulations, and limit liability. By fostering a deep understanding of legal frameworks, we hope to support technology professionals in creating innovative, compliant, and socially conscious technological advancements. Join us in our mission to reshape the way legal professionals and technology experts understand and interact with each other in a rapidly changing technical and legal landscape. Together, they will mitigate risk better, ensure compliance, and actively shape the future of technology and its accompanying laws.

LAW & FORENSICS LLC – FOUNDER; JAMS – NEUTRAL; HARVARD – ADJUNCT;
Danie Garrie, Esq., is the Co-Founder of Law & Forensics LLC, where he heads the Computer Forensics and digital discovery Cybersecurity teams. Daniel has been a dominant voice in the computer forensics and cybersecurity space for the past 20 years, as an attorney and technologist. He is an adjunct professor at Harvard for Computer Forensics, and prior to Law & Forensics, he successfully built and sold several technology start-up companies. Since co-founding Law & Forensics LLC in 2008, Daniel has built it into one of the leading boutique firms specializing in cybersecurity and forensic engineering. He is a mediator, arbitrator, and e-discovery special master for JAMS and is a partner and head of Cybersecurity practice at Zeichner, Ellman & Krause LLP. Daniel earned both a Bachelor’s and a Master’s degree in computer science from Brandeis University, as well as a J.D. from Rutgers Law School. Daniel has led cyber and forensic teams in some of the most visible and sensitive incidents in the United States. He and his team have worked globally for two of the top five banks and dozens of the largest private and public companies in the world. In addition, Daniel has been awarded several patents for advanced cybersecurity and forensic platforms he built with his team, including TableTop.AI, CustodyTrack.IO, and Forensic Scan. Daniel is also well-published in the cybersecurity space and has authored more than 200 articles and books. His work is cited by Black’s Law Dictionary 10th Ed. defining the terms 'software', 'internet', and 'algorithm'. Lastly, he has been recognized by several United States Supreme Court Justices for his legal scholarship and is a trusted source and thought leader for cybersecurity articles and opinions, cited over 500 times to date.

Principal | The Business Protection Group
Global Executive Security, Risk, and Privacy Leader, Strategic Security Visionary, Author, and Board Member. Focused in Critical Infrastructure Cyber and Kinetic Defensive Operations. Expert in the management of strategic converged security programs and services and the development of global business operations protection programs.

Partner | Kennedys
Judith Selby is a partner in the firm’s New York office. Focused primarily on insurance coverage matters, Judy represents clients in all phases of large scale, complex first and third party insurance issues. She has extensive experience handling insurance coverage trials in the US and international arbitrations in London. Judy's practice concentrates on coverage for exposures arising out of emerging technology, digital, and compliance risks. She serves as coverage and monitoring counsel for cyber insurers and also counsels insurers on cyber insurance product development, policy wordings, and silent cyber issues. Judy’s experience includes coverage opinions, all phases of coverage litigation through trial and appeal, and international arbitrations involving environmental, toxic tort, cyber/privacy, BIPA, TCPA, business interruption, bad faith, pharmaceutical products, and COVID-19 exposures. She also provides insurance due diligence advice in connection with mergers and acquisitions, run offs, and adverse development cover transactions. Judy was named as a 2021 Insurance Trailblazer by the National Law Journal and won JD Supra 2021 Readers’ Choice Awards in Insurance (number 1) and Cybersecurity (top 10) and was a finalist for the 2015 CLM Outside Professional of the Year award. She has been an invited speaker at prominent industry conferences on privacy, cyber, and related insurance issues, and she is frequently featured in various publications, including the Wall Street Journal, Fortune, Forbes, and Law360. Judy also has also authored three eBooks: A Closer Look at Cyber Insurance, Demystifying Cyber Insurance, and Big Data for Business Leaders. Judy has completed advanced courses at the Massachusetts Institute of Technology (MIT) and Harvard Business School in the areas of big data, crisis management/business continuity, cybersecurity, the Internet of Things (IoT), and finance, as well as courses in cloud computing and the Data Protection Officer (DPO) role under the GDPR. Judy contributed to Kennedys' 'Global forecast 2024: Evolving insurance risks' report, published in January 2024.