A New Risk for CISOs – Criminal Liability?


In what is believed to be the first criminal prosecution of a corporate executive based on a data breach, in October, a jury convicted Joseph Sullivan, Uber’s former Chief Security Officer, of two felonies in connection with his handling of a 2016 data breach.  Sullivan could be sentenced to 8 years in prison.  The verdict is further confirmation that cybersecurity and data protection are C-Suite level matters and that corporate executives need to prioritize cybersecurity and data protection or be prepared to face the consequences, which could include criminal liability.

Our speakers will discuss:

  • The takeaways from the Sullivan case and what the conviction may mean for CISOs (15 minutes)
  • The implications of the views of the FTC, and other regulators, about the role the C-Suite and corporate boards should play in cybersecurity and data privacy (15 minutes)
  • The New York Department of Financial Services’ proposed amendments to it cybersecurity regulations for financial services companies, including new requirements for CISOs (15 minutes)
  • Best practices for cybersecurity professionals (15 minutes)


Who Should Attend:  In-house counsel, outside attorneys, financial services professionals, technology, cybersecurity, data protection, and other allied professionals interested in cybersecurity and data privacy protection

Program Level: Update

Prerequisites: None

Advanced Preparation: None





Leeza Garber

Leeza Garber Esq. Consulting

The Wharton School, University of Pennsylvania


Gail Gottehrer

Del Monte Fresh Produce Company



Source link