Date/Time: Tuesday, November 29, 12:15 – 2:15 p.m. ET
Location: Virtual via Zoom

Online Registration has closed.  Please contact Elizabeth Hagerty( if you would like to register.

The FCBA Cybersecurity Committee will sponsor a CLE on Tuesday, November 29 from 12:15 – 2:15 p.m. ET entitled Trust and Transparency: What’s Next in Cyber Incident Reporting, Information Sharing, and Incident Response.  This program will be held virtually via the Zoom platform.

The FCBA will apply for 2.0 hours of MCLE credit from the VA Bar.  This program has not yet been approved.


12:15 – 12:20 p.m.     Welcome and Introduction

12:20 – 12:35 p.m.     Keynote: Eric Rosner, CISA Representative

12:35 – 1:25 p.m.       Federal Cyber Incident Reporting and Information Sharing

Incident reporting and information sharing have long been viewed as critical tools to enhance transparency, build confidence, and facilitate preparedness and response efforts.  Numerous laws, regulations, and mechanisms for reporting incidents and sharing cyber threat information exist across sectors and varying groups of participants.  Immediately following Russia’s invasion of Ukraine, Congress passed the Cyber Incident Reporting for Critical Infrastructure Act, directing DHS’s Cybersecurity and Infrastructure Agency (CISA) to require covered entities across the 16 critical infrastructure sectors to report covered cyber incidents and ransom payments.  At the same time, agencies like the Securities and Exchange Commission and the Federal Communications Commission are considering new incident reporting rules of their own.

This panel will provide an overview of these various proceedings and discuss key considerations for policymakers and participants as these new rules take shape.


Savannah Schaefer, Associate, Wilkinson Barker Knauer

Rudy Brioché, VP & Policy Counsel, Comcast
Cheryl Davis, Senior Director for Strategic Initiatives, Oracle
Coleman Mehta, Senior Director, Public Policy, Palo Alto Networks

1:25 – 2:15 p.m.         State Breach Reporting and Cyber Incident Response

The risk of cyber attacks on U.S. businesses increased in 2022 and is poised to rise again in 2023.  There has been a surge in malware attacks—in particular, ransomware attacks—which have crippled businesses across the country.  With a rise in such attacks comes the risk of data loss, reputational damage, and legal action.  Compounding the challenges associated with incident response is the laborious process of analyzing and complying with 50 different state data breach notification laws.

This panel will overview the key milestones associated with incident response from initiating a forensics investigation to notifying affected consumers and state regulators.  In addition, this panel will discuss best practices for analyzing state data breach notification laws and complying with varied reporting and notification deadlines in each state.

Matt Diaz, Legal Counsel, Dinsmore & Shohl LLP

Stephen Reynolds, Partner, Baker McKenzie
Elizabeth Rogers, Partner, Michael Best

COST: $135.00 for Private Sector Members; $50.00 for Government/Academic/Transitional/Retired Members; $95.00 for Non-Profit 501c3 Members; No charge for Law Student Members; $205.00 for Non-Members

Cancellations due no later than 24 hours prior to the program start time.


Register Online