GDPR + NYDFS Cybersecurity Regulations: Keeping up with Compliance on a Local and Global Scale

Level: Advanced
Runtime: 59 minutes
Recorded Date: September 26, 2018
Click here to share this program
Download PDF


  • Vendor Management
  • Law vs. Technology
  • Data Hygiene
  • The Legal Patchwork
  • Key Takeaways
Runtime: 1 hour
Recorded: September 26, 2018


Just when you thought you were 100% in compliance with all of these new regulations, BAM! In the last year, not only has GDPR gone into effect in the EU and Europe, but NYDFS has come out with a new set of cybersecurity provisions as well. So how are organizations -- specifically, financial institutions -- keeping pace? And what are the potential impacts on organizations who fail to meet these requirements?

This program was recorded as part of ALM and Corporate Counsel's 30th Annual General Counsel Conference on September 26th, 2018.

Provided By

General Counsel Conference


Lawrence Montle

Chief Information Security & Privacy Officer
New York State Insurance Fund

Lawrence Montle is currently the Chief Information Security Officer and Privacy Officer at the New York State Insurance Fund (NYSIF). He is responsible for the development and implementation of a comprehensive information security plan to improve and insure agency security levels. In this role, Mr. Montle oversees the recommendation and design of targeted strategies and initiatives to effectively assess risks, maintain the security of NYSIF’s proprietary data, and ensure its protection from unauthorized use.

He also functions as a liaison to the Office of CyberSecurity and Critical Infrastructure Coordination, administering security training for agency staff and ensuring NYSIF's compliance with statewide security policies, privacy standards and controls. Prior to joining NYSIF, Mr. Montle served as internal audit director for the Department of Financial Services, where he oversaw audits conducted by the New York State Comptroller’s office and other external entities, and monitored compliance and adherence to policy review and internal controls.

Among other achievements, he implemented a comprehensive internal audit internship program to train and mentor students. Mr. Montle’s previous positions include serving as information technology director at the New York Liquidation Bureau and working at Verizon as an IT auditor, systems engineer, and network engineer for over a decade. He holds certifications in information privacy (CIPP/US), fraud examination (CFE), information systems auditing (CISA) and is licensed to practice law in N.Y. and D.C. Mr. Montle received his MBA in finance and management from Fordham University and his JD from New York Law School. He obtained his undergraduate degree from New York University.

John Davis

Executive Director and Counsel - Global eDiscovery
UBS Financial Services

John Davis is a litigator who focuses primarily on mitigating risks associated with electronically stored information, for business and legal purposes, driving efficient processes and bridging the gap between legal and technical resources.

At UBS, he is responsible for executing and managing global eDiscovery strategy for the firm, advising on discovery issues in connection with investigations and litigation, running UBS's vendor program, and coordinating related issues with Legal and other functions. John is a frequent speaker on issues involved in cross-border investigations, technology assisted review and audio analysis as well as other ediscovery, data privacy, data security and information governance issues.

Prior to joining UBS, John was counsel at Pillsbury Winthrop Shaw Pittman LLP, focusing on many of the same areas of information law in addition to his litigation and investigations practice.

Orrie Dinstein

Global Privacy Officer
Marsh & McLennan Companies, Inc.

Orrie Dinstein is the Global Chief Privacy Officer at March & McLennan Companies. He has global responsibility for data protection, and he works closely with the Legal, Compliance, IT and Information Security teams as well as other functions to establish policies, procedures, processes and tools related to data privacy and security matters. Prior to joining Marsh & McLennan, Orrie was the Chief Privacy Officer of GE Capital.

Orrie received an LL.M. degree in intellectual property from NYU School of Law and is a graduate of the Hebrew University of Jerusalem School of Law. He is a member of the New York State Bar and the Israel Bar. He is a Certified Information Privacy Professional (CIPP) and a frequent speaker on privacy, social media and technology matters.

Similar Courses

Card image cap
65 minutes
#MeToo - Media Frenzy, New Era in Sexual Harassment, or Both?
Sexual harassment claims against celebrities and high-profile men continue to dominate media coverage in 2018. There is no question that employers are legally required to investigate complaints of harassment in the workplace and take action to punish employees who commit acts of harassment.

American Bar Association


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Card image cap
60 minutes
2019 HIPAA Update: Enforcing Privacy & Security Standards
In this session, we will discuss the most critical issues in the HIPAA update and best practices for enforcing privacy & security standards in your company.



Add to Cart
Card image cap
97 minutes
26 Words that Created the Internet - Basics of the Communications Decency Act Section 230 Safe Harbor
This program will examine the basics of CDA 230 and its day to day affect for those who advise internet businesses as well as those who litigate against them. It will give practical guidance as to what extend internet companies can or should edit or censor the information their users contribute to their sites and to what extent those users will actually be liable.

New Media Rights


Add to Cart
Previous Next