SentinelOne’s CyberLaw Forum brings together lawyers, technical experts, and insurance executives to dive deep into challenges faced in today’s cyber insurance and legal realms. From the tactics of threat actors to contemplating the impact of artificial intelligence (AI) on enterprise security strategies, panelists from the event delved into the intricacies of cybersecurity in a rapidly evolving digital landscape.

This blog post highlights the key discussion questions from the event regarding cyber insurance viability post-breach and the intricacies of regulatory compliance, particularly in the wake of new SEC regulations.

Presentations From SentinelOne’s CyberLaw Forum

In partnership with Charleston Law School, the event covered a range of topics that many SentinelOne clients face each day:

• What are threat actors doing and which ones should I be concerned about?
• How will artificial intelligence (AI) impact my plans for securing my enterprise? Will threat actors use AI to overcome defenders?
• Can I get cyber insurance? Or, will they renew my policy now that I have had a breach?

Keynote | Geopolitical Conflict and the Impact on Multinationals

Speakers: Alex Stamos & David Lashway

The event provided a platform for industry experts such as Alex Stamos to share his insights on the cybersecurity leadership landscape within the US government, Ukraine’s resilience in the face of cyber warfare, and the geopolitical dynamics shaping global cybersecurity strategies. Watch the keynote here.

Panel | What’s Concerning Cyber Insurers

Speakers: Chris Keegan, Tiffany Calhoun Pierce, Marcin Weryk, and Peter Castillo

Chris Keegan, who moderated the insurance panel, noted the willingness of senior underwriters to divulge valuable insights into cyber risks and market trends, shedding light on the complexities of insurance underwriting in the digital age.

This panel focused on:

• Understanding the market and the players, including insurance carriers, currently occupying in the cyber insurance domain
• Current strategies on risk mitigation before risk transfer, in-house versus third-party breaches, and quantifying risk assessments
• Rising challenges as the insurance market grows, including systemic risks, war and nation-state attacks, data privacy, artificial intelligence, and supply chain risks for manufacturers

Watch the presentation here.

Panel | Hacking Incident Response

Speakers: Justine Phillips, Nikole Davenport, Brendan Rooney, and Terry Oehring

Meanwhile, Justine Phillips underscored the critical importance of proactive measures and swift response strategies in mitigating the impact of data breaches, emphasizing the need for robust incident response protocols. “There are only two things in life and cyber we can control: Everything we do or don’t do leading up to an event and what we do or don’t do in response to an event.”

This panel focused on:

• Understanding the current threat landscape through the tactics, techniques, and procedures (TTPs) seen both left and right of boom
• Key cyber regulations and enforcement actions
• How to evaluate and manage your enterprise cyber risk
• How to build a smart and flexible program through People, Process & Technology
• Cybersecurity trends to watch out for in 2024

Watch the presentation here.

Panel | Automotive Security & Liability

Speakers: Amy Mushahwar, Todd B. Benoff, and Michael Bryant

For those navigating the intersection of automotive technology and cybersecurity, Amy Mushahwar’s panel offered invaluable insights into the future of driverless electric vehicles and the implications for data security and privacy.

This panel focused on:

• How National Highway Traffic Safety Administration (NHTSA) is approaching the discussion of self-driving cars
• State-to-state travel, creating one set of standards for performance and safety, and strict liability
• The complications between strict and absolute liability, particularly for exploit-based accidents

Watch the presentation here.

Panel | National Cyber Strategy & Federal Regulations

Speakers: Evan Wolff, Megan Stifel, and Rob Knake

Evan Wolff led discussions on regulatory compliance and incident handling, providing clarity on navigating the intricacies of breach notification requirements and strategic decision-making in the aftermath of cyber incidents. This panel also looked at the national cyber strategy implementation with Rob Knake suggesting that “ransom payments should be banned.”

This panel focused on:

• The five-pillar overview of the National Cybersecurity Strategy
• SEC mandatory cybersecurity disclosure and risk management rules
• DFARs and 7012 history – A timeline of changes to how the federal government contracts cybersecurity
• Compliance trends in the cyber supply chain

Watch the presentation here.

Panel | Artificial Intelligence Transforming Cybersecurity

Speakers: Randy Sabett, Kristy Hornland, Jason Ingalls, and Chris Martenson

This interactive and open discussion led by Randy Sabett covered the intersection of artificial intelligence (AI) and cyber law in 2024. The panelists delved into how AI is transforming the legal landscape, from automating routine legal tasks to aiding in decision-making processes. As AI continues to impact privacy, data protection, intellectual property rights, and cybersecurity regulations, we are seeing emerging challenges and opportunities presented by AI in the legal domain.

This panel focused on:

• The multidimensional nature of AI and machine learning (ML) for cyber
• The increasingly commercial use of AI and ML across various industries and disciplines
• How threat adversaries are leveraging AI and ML to monitor and model user behavior to create automated and tailored attacks
• How cyber defenders are embedding AI and ML to accelerate threat identification, improve existing processes, and continuously monitor in real-time

Watch the presentation here.

Conclusion

As we reflect on the wealth of knowledge shared at this year’s CyberLaw Forum, we extend our gratitude to the esteemed panelists, sponsors, and moderators who helped deepen the conversations around these complex and dynamic cybersecurity issues. Learn more about how to participate in next year’s forum here.