Navigating Regulatory Compliance Through Effective Data Protection and Governance Strategy

Sarah is a Chief Security Advisor at Microsoft, where she works with strategic customers and partners across Europe to help them evolve their digital strategy. She is also passionate about working with SMEs and serves as a Non-Exec Director and Board Advisor, to help businesses navigate their tech journey and create their own path.

Sean Sweeney leads the Field CISO and Cloud Security Advisor group within Oracle North America Cloud Engineering. In this role, he is responsible for aligning and mobilizing his team of highly skilled former CISOs, architects, and compliance experts. He and his team focus on advising customer CISOs on security and compliance issues related to cloud, technical messaging and thought leadership, as well as providing strategic direction on Oracle Cloud Infrastructure products and services.

Sean joined Oracle from Microsoft where he was the Global Chief Security Advisor. Sean is a previous Chief Information Security Officer at the University of Pittsburgh, Chief Technology Officer of a legal technology and eDiscovery startup, Chief Information Officer for a national law firm, and Litigation Support Applications Manager for the U.S. Department of Justice. Sean began his career as a Database Administrator for ExxonMobil and the U.S. Department of the Interior.

A frequent author and speaker on cybersecurity, Sean is also an Affiliate Practice Scholar in the University of Pittsburgh’s Cyber Institute of Policy, Law, and Security. He is a graduate of Carnegie Mellon University’s Heinz College CISO Certificate Program and holds both Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP) certifications. He received a BA from George Mason University in Fairfax, VA, and attended Virginia Commonwealth University’s Graduate School of Education in Richmond, VA.

Mark Young, an experienced tech regulatory lawyer, advises major global companies on their most challenging data privacy compliance matters and investigations.

Mark also leads on EMEA cybersecurity matters at the firm. He advises on evolving cyber-related regulations, and helps clients respond to incidents, including personal data breaches, IP and trade secret theft, ransomware, insider threats, and state-sponsored attacks.

Mark has been recognized in Chambers UK for several years as "a trusted adviser - practical, results-oriented and an expert in the field;" "fast, thorough and responsive;" "extremely pragmatic in advice on risk;" and having "great insight into the regulators."

Drawing on over 15 years of experience advising global companies on a variety of tech regulatory matters.

Lindsey Tonsager helps national and multinational clients in a broad range of industries anticipate and effectively evaluate legal and reputational risks under federal and state data privacy and communications laws. She co-chairs the firm’s Artificial Intelligence Initiative.

In addition to assisting clients engage strategically with the Federal Trade Commission, Federal Communications Commission, the U.S. Congress, and other federal and state regulators on a proactive basis, she has experience helping clients respond to informal investigations and enforcement actions, including by self-regulatory bodies such as the Digital Advertising Alliance and Children’s Advertising Review Unit.

Lindsey’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of artificial intelligence, data processing for Internet of Things devices, behavioral advertising, endorsements and testimonials in advertising and social media, the collection of personal information from children and students online, e-mail marketing, telecommunications, and new technologies.

Lindsey also conducts privacy and data security diligence in complex corporate transactions and negotiates agreements with third-party service providers to ensure that robust protections are in place to avoid unauthorized access, use, or disclosure of customer data and other types of confidential information. She regularly assists clients in developing clear privacy disclosures and policies?including website and mobile app disclosures, terms of use, and internal social media and privacy-by-design programs.

Security and Compliance are business enablers and sustain competitive advantage when they’re done right. They protect national security, share price, enable collaboration, add value for customers and improve quality of life for employees and citizens.

I help Microsoft develop and incubate these Security and Compliance solutions. Together with our strategic enterprise and government customers, I develop and implement holistic architectures and strategies for security, regulatory compliance and privacy. This can be for digital transformation, in response to an incident or both.

I love sharing ideas and engaging with all stakeholders from executives, to technologists, legal teams, regulators and the public. I’m frequently privileged to speak at leading venues including the RSA Security Conference, Global Petroleum Summit, Security BSides, EnergySec, Hydrovision, PowerGen, Legalweek, Microsoft Technology Centers, Ignite, Microsoft Executive Briefing Center and others.

I’m passionate about advising companies in the security, privacy and compliance space and serving on Boards.