Card image cap

Navigating Regulatory Compliance Through Effective Data Protection and Governance Strategy

Level: Advanced
Runtime: 59 minutes
Recorded Date: February 02, 2021
Click here to share this program
Printer-Friendly Version
Closed Caption


  • Regulatory Landscape Trends
  • Effective Data Governance Strategy
  • Takeaways
Runtime: 1 hour
Recorded: February 2, 2021


All it takes is one employee clicking on the wrong link in an email, and the hundreds of thousands of dollars you spend on your security infrastructure are useless. So to sit back and rely on your IT department with the expectation that nothing will ever go wrong is a risky proposition. Issues related to data privacy and cybersecurity are not limited to large organizations. In fact, depending on what reports you read, anywhere from 40% to 60% of cyber-attacks specifically target small to medium-sized businesses, and upwards of 70% of small businesses have experienced some form of cyberattack in the last year. The smaller the business, the fewer the resources it will typically have to spend on cybersecurity. If you think a good cybersecurity plan and infrastructure is too expensive, wait until you find out how much it costs not to have one.

This program was recorded as part of ALM's Legalweek 2021 Virtual Conference on February 2nd, 2021.

Provided By

Card image cap


Card image cap

Sarah Armstrong-Smith

Chief Security Advisor, Security Solutions Area
Microsoft Corporation

Sarah is a Chief Security Advisor at Microsoft, where she works with strategic customers and partners across Europe to help them evolve their digital strategy. She is also passionate about working with SMEs and serves as a Non-Exec Director and Board Advisor, to help businesses navigate their tech journey and create their own path.

Card image cap

Sean Sweeney

CISO - Chief Information Security Officer

Sean Sweeney leads the Field CISO and Cloud Security Advisor group within Oracle North America Cloud Engineering. In this role, he is responsible for aligning and mobilizing his team of highly skilled former CISOs, architects, and compliance experts. He and his team focus on advising customer CISOs on security and compliance issues related to cloud, technical messaging and thought leadership, as well as providing strategic direction on Oracle Cloud Infrastructure products and services.

Sean joined Oracle from Microsoft where he was the Global Chief Security Advisor. Sean is a previous Chief Information Security Officer at the University of Pittsburgh, Chief Technology Officer of a legal technology and eDiscovery startup, Chief Information Officer for a national law firm, and Litigation Support Applications Manager for the U.S. Department of Justice. Sean began his career as a Database Administrator for ExxonMobil and the U.S. Department of the Interior.

A frequent author and speaker on cybersecurity, Sean is also an Affiliate Practice Scholar in the University of Pittsburgh’s Cyber Institute of Policy, Law, and Security. He is a graduate of Carnegie Mellon University’s Heinz College CISO Certificate Program and holds both Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP) certifications. He received a BA from George Mason University in Fairfax, VA, and attended Virginia Commonwealth University’s Graduate School of Education in Richmond, VA.

Card image cap

Mark Young

Covington & Burling LLP

Mark Young, an experienced tech regulatory lawyer, advises major global companies on their most challenging data privacy compliance matters and investigations.

Mark also leads on EMEA cybersecurity matters at the firm. He advises on evolving cyber-related regulations, and helps clients respond to incidents, including personal data breaches, IP and trade secret theft, ransomware, insider threats, and state-sponsored attacks.

Mark has been recognized in Chambers UK for several years as "a trusted adviser - practical, results-oriented and an expert in the field;" "fast, thorough and responsive;" "extremely pragmatic in advice on risk;" and having "great insight into the regulators."

Drawing on over 15 years of experience advising global companies on a variety of tech regulatory matters.

Card image cap

Lindsey Tonsager

Covington & Burling LLP

Lindsey Tonsager helps national and multinational clients in a broad range of industries anticipate and effectively evaluate legal and reputational risks under federal and state data privacy and communications laws. She co-chairs the firm’s Artificial Intelligence Initiative.

In addition to assisting clients engage strategically with the Federal Trade Commission, Federal Communications Commission, the U.S. Congress, and other federal and state regulators on a proactive basis, she has experience helping clients respond to informal investigations and enforcement actions, including by self-regulatory bodies such as the Digital Advertising Alliance and Children’s Advertising Review Unit.

Lindsey’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of artificial intelligence, data processing for Internet of Things devices, behavioral advertising, endorsements and testimonials in advertising and social media, the collection of personal information from children and students online, e-mail marketing, telecommunications, and new technologies.

Lindsey also conducts privacy and data security diligence in complex corporate transactions and negotiates agreements with third-party service providers to ensure that robust protections are in place to avoid unauthorized access, use, or disclosure of customer data and other types of confidential information. She regularly assists clients in developing clear privacy disclosures and policies?including website and mobile app disclosures, terms of use, and internal social media and privacy-by-design programs.

Card image cap

Steve Vandeberg

Advance Compliance Global Black Belt
Microsoft Corp.

Security and Compliance are business enablers and sustain competitive advantage when they’re done right. They protect national security, share price, enable collaboration, add value for customers and improve quality of life for employees and citizens.

I help Microsoft develop and incubate these Security and Compliance solutions. Together with our strategic enterprise and government customers, I develop and implement holistic architectures and strategies for security, regulatory compliance and privacy. This can be for digital transformation, in response to an incident or both.

I love sharing ideas and engaging with all stakeholders from executives, to technologists, legal teams, regulators and the public. I’m frequently privileged to speak at leading venues including the RSA Security Conference, Global Petroleum Summit, Security BSides, EnergySec, Hydrovision, PowerGen, Legalweek, Microsoft Technology Centers, Ignite, Microsoft Executive Briefing Center and others.

I’m passionate about advising companies in the security, privacy and compliance space and serving on Boards.

Card image cap

Similar Courses

Card image cap
64 minutes
"I Am Not a Cat" Proceedings in a Virtual World
Besides becoming a pop-culture catchphrase, how has the shift to a virtual environment impacted proceedings over the last year, and what changes do you believe are here to stay? Our panel of experts will examine some of the greatest challenges, faux pas, and successes in virtual proceedings over the course of this transformative time.

Women, Influence & Power in Law Conference


Add to Cart
Card image cap
63 minutes
2021: The Year of the ELM
Panelists will clarify what constitutes an ELM platform, examine its unique and compelling capabilities, and discuss its strategic and tactical advantages, particularly those stemming from data-driven insights and machine-driven decision making. Attendees will gain a clear understanding of the significance of the emergence of ELM solutions, what firms and law departments can achieve with ELM platform, and practical and ethical considerations related to adopting an ELM solution.



Add to Cart
Card image cap
97 minutes
26 Words that Created the Internet - Basics of the Communications Decency Act Section 230 Safe Harbor
This program will examine the basics of CDA 230 and its day to day affect for those who advise internet businesses as well as those who litigate against them. It will give practical guidance as to what extend internet companies can or should edit or censor the information their users contribute to their sites and to what extent those users will actually be liable.

New Media Rights


Add to Cart
Card image cap
76 minutes
360-Degree of Investigation - A Roundtable Discussion Regarding Investigations of Debtors and Recovery of Assets
This panel of lawyers and insolvency professionals with bankruptcy expertise will lead a roundtable discussion regarding investigation of debtors and recovering assets to enhance the value of a bankruptcy estate.

American Bankruptcy Institute


Add to Cart
Previous Next