This course will provide a general overview of the development of data privacy. The course will cover types of information that is protected, the processing of personal data and information risk management principles that impact organizational risk. The course will cover the lifecycle of privacy data from collection, use, disclosure and retention to destruction and the risks associated with each phase. The course will also cover information security and the safeguarding of personal information including ISO security standards and common security controls.
This course will provide a general overview of risk management and exposures for third party vendors. The course will cover risks associated with an organization’s failure to properly vet third party vendors and negotiate contraction provisions with third party vendors. Students will learn about the reasons why third party vendors can be the weakest link in the security chain and expose organizations to greater cyber breach risks. The course will cover important third party contractual provisions that can serve to shift the risk of cyber liability to third party vendors including limitation of liability, indemnity, additional insured provisions and breach response allocation provisions. The course will cover generally claims and defenses being asserted in litigation between the organization and its third party vendors as a result of a cyber breach.
This course will acquaint you with three prominent cyber threat actors and the vulnerabilities they exploit that can lead to a data or privacy breach. Primary topics that will be explored include: the motivations and capabilities goals of bad actors and how these distinctions lead to different types of attacks; various types of cyber attack and their effect on business operations; physical and electronic vulnerabilities that are generally exploited; and common security protocols that can be used to guard against these vulnerabilities.
This course will cover substantive theories of civil liability arising from data security breach. The course will provide in depth analysis of the claims, defenses and damages being asserted in civil litigation in individual and class actions. The course will cover the latest developments on the economic loss and standing defenses. The course will also cover certification defenses and alternative theories of harm being alleged. The course will provide students with a general overview of federal and state court proceedings and the significant differences between the two. The course will cover unique discovery issues that arise out of cyber liability claims. The course will also cover ancillary litigation such as suits against directors and officers and suits against insurance brokers.
This course will provide a general overview of the types of insurance policies that could be triggered by a cyber related events. The course will generally cover crime, property, directors and officers, errors and omissions and comprehensive general liability policies. The course will provide a discussion on Coverage A and Coverage B policy language under commercial general liability policies provisions with particular emphases on the most commonly litigated provisions in insurance policies.
This course covers the five stages of a cyber breach: (1) Preparation; (2) Detection and Analysis; (3) Containment, Eradication, and Recovery; (4) Post-Incident Activity; and (5) Reporting. The course will provide an in-depth analysis of the necessary steps and activities for each stage, the identification of employees and outside experts involved in each stage, associated costs and damages and risks to the organization. The course will generally cover the tools that are available to accomplish the tasks for each stage.
This course will provide a general overview of federal and state regulation of privacy and breach notification requirements. The course will give the student an understanding of the US federal agencies that regulate privacy and which can bring enforcement actions. The course will provide a general overview of the common federal privacy regulations that govern the medical, education and financial sector. The course will also cover the hospitality and retail sector including the payment card industry. The course will cover, generally, state breach notification laws. With 47 states having different regulations, the student will learn about the common breach requirement and differences.
This course will provide a history and general overview of the stand-alone cyber insurance market including a discussion of the role of reinsurance. The course will cover the construction and terms of cyber insurance policies. The course will also cover claims handling and coverage analysis in the context of a stand-alone cyber insurance policy.