Introduction to the “Shared Responsibility” Model for Allocating Legal Risk in Enterprise Cloud Computing: Not Everything Digital is Binary

Level: Advanced
Runtime: 52 minutes
Recorded Date: February 05, 2020
Click here to share this program
Download PDF


  • Understand why enterprise cybersecurity responsibilities don’t simply transfer to the cloud service provider;
  • Learn how to approach understanding and identifying the appropriate delineation of risk and responsibility in different kinds of cloud relationships;
  • Develop the ability to advise clients on how their enterprise risk management programs interact with those of the cloud service provider and what questions counsel needs to ask of each party.

Runtime: 52 minutes
Recorded: February 5, 2020


With the incredible variety of enterprise cloud services available these days, it is no wonder there is some confusion regarding the allocation of legal risk between cloud service provider and customer. The answer is not binary: neither party takes on all of the risk nor does either escape all responsibility. Instead, the parties enter into a relationship of “shared responsibility”, where the delineation of who is responsible for what will vary based on a variety of factors, for example, what services are involved, what legal authorities have jurisdiction and more.

In this introduction to the shared responsibility model and its implications for legal risk, our expert presenters will lay the groundwork for counsel to develop a more nuanced approach to the legal risk calculus for enterprise clients moving to the cloud.

This program was recorded as part of's Legalweek Conference on February 5th, 2020.

Provided By



Mara Arenson


Mara Arenson, Privacy and Cyber Security Attorney, Microsoft 365 Product Group, Microsoft. She is responsible for advising the clients regarding matters pertaining to privacy, compliance, GDPR, data breaches and security incidents. Prior to supporting the Microsoft 365 Product Group, Mara was a commercial licensing attorney responsible for Microsoft enterprise and cloud products and services. Prior to Microsoft, Mara was general counsel for a an enterprise compliance technology start-up and practiced law at Cooley LLP and Epstein, Becker & Green. Mara is also author of Essentials of Enterprise Compliance, published by J. Wiley and Karoshi: Is It Sweeping America? published by the UCLA Pacific Basin Law Journal.

Adam Cohen

Managing Director
Digital Discipline LLC

A Managing Director at Topside Group, LLC, Adam serves financial services clients with a unique blend of expertise and experience as both lawyer and cybersecurity professional. His practice spans legal risk management, regulatory compliance, investigative and litigation response issues involved in cybersecurity, data privacy, electronic discovery, and information governance. A former litigation partner with an Am Law 100 law firm, Adam is also an experienced and certified professional in information systems security (CISSP), cloud security (CCSP), and ethical hacking (CEH).

He teaches courses in Cybersecurity Law, Electronic Discovery & Information Governance at Cardozo Law School and Fordham Law School and is a prolific author, whose published work has been cited in landmark federal court opinions.

Similar Courses

Card image cap
65 minutes
#MeToo - Media Frenzy, New Era in Sexual Harassment, or Both?
Sexual harassment claims against celebrities and high-profile men continue to dominate media coverage in 2018. There is no question that employers are legally required to investigate complaints of harassment in the workplace and take action to punish employees who commit acts of harassment.

American Bar Association


Add to Cart
Card image cap
92 minutes
#MeToo: Empowering Employees and Employers to Address Workplace Sexual Harassment & Violence
Join our expert attorneys as they discuss how employers can work to prevent and eliminate sexual harassment and violence in their workplace, and create an environment in which employees are able to respond to and report incidents without fear of retaliation. Not only is there a deep moral imperative to rectify sexual harassment in the workplace and promote an equitable work environment, but also there is significant monetary liability as a potential consequence for employers who fail to address harassment in the workplace.

American Bar Association


Add to Cart
Card image cap
77 minutes
§ 363 Sale Issues
Dive into Section 363 sales issues, including whether there are limits to “free and clear”; the GM conflict between Sections 365(h) and 363(f) (“lease-stripping”); sales free and clear of leasehold interests, restrictive covenants and override royalties; being free and clear of successorships in CBAs; selling free and clear of environmental liabilities (La Paloma, Exide); and loan-to-own strategies.

American Bankruptcy Institute


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Previous Next