Speaking a Common Language with your C-Suite when Setting Risk Responsibility Across the Organization

Level: Advanced
Runtime: 55 minutes
Recorded Date: December 05, 2017
Click here to share this program
Download PDF


10:00 am - 11:00 am
  • Background on C-Suite Perspective of Cybersecurity
  • Best practices to help reduce the disconnect
  • Exploring use of automation
  • Risk of Ransomware
  • Questions and answers
Runtime: 55 minutes
Recorded: December 5, 2017


Cyber risk and overall business performance are becoming increasingly more interdependent. As a result, effective cyber risk management includes awareness at the C-suite level.

This panel will present some of the key questions to discuss with your C-Suite during evaluation of your company’s cyber risk programs/policies and provide strategies for setting risk responsibility at various levels across the organization. Leave this session with guidelines for how to establish a common language between organizational members to effectively discuss crisis response and how to engage external stakeholders during risk mitigation.

This program was recorded as part of ALM's CyberSecure on December 5th, 2017.

Provided By



Marc Berger

General Counsel
Flatiron Health

Marc Berger is general counsel at Flatiron Health, where he manages all aspects of the company’s legal functions including corporate compliance, privacy, commercial contracting, health law, and intellectual property activities.

Prior to joining Flatiron Health, Marc was vice president and assistant general counsel at Medidata Solutions, where he had global responsibility for negotiating agreements with life science companies and partners for Medidata’s clinical trial technology and services. He also led the development of contracting standards, and terms and conditions across the business to support the company’s rapid growth from a private to a publicly traded company.

He also served as corporate counsel at Avaya, a global B2B technology company, prior to which he was in private practice focusing on corporate formation, IP protections, product creation and distribution channels, government transactions and regulatory affairs, cybersecurity audits, and identifying government, and private funding opportunities.

Elise Houlik

VP, Senior Managing Counsel, Privacy and Data Protection

Elise Houlik is a Vice President and Senior Managing Counsel on Mastercard’s Privacy & Data Protection Legal team. Based in the company’s Global Headquarters in New York, Elise manages privacy issues across multiple business divisions including marketing, digital products, core business activity, human resources, operations, and enterprise partnerships.

Elise joined Mastercard from Fannie Mae, where she was lead Privacy & Cybersecurity Counsel, and served as a strategic partner with business divisions throughout the company to implement best practices, address cybersecurity concerns, and interface with regulators. Elise is active in the greater privacy community. In Washington, D.C., she served as Co-Chair of the International Association of Privacy Professionals’ (IAPP) KnowledgeNet Chapter, and she is currently a member of the Steering Committee of the Sedona Conference’s Working Group on Data Security & Privacy Liability.

Elise received a Juris Doctor from George Washington University Law School after completing her Bachelor of Arts studies in English at Johns Hopkins University, and is credentialed as a Certified Information Privacy Professional for the United States.

Roger O'Sullivan

General Counsel, Corporate Secretary & Chief Privacy Officer
Cogstate Ltd.

Roger O’Sullivan is General Counsel, Corporate Secretary and Chief Privacy Officer at Cogstate, a cognitive science company focused on optimizing the measurement of cognition. Mr. O’Sullivan has broad, frontline experience establishing strategic alliances and structuring and negotiating complex commercial and corporate transactions. At Cogstate, Mr. O’Sullivan serves as key legal advisor on all major business transactions, reporting directly to the CEO and board of directors. He also oversees certain regulatory compliance and development and protection of the company’s intellectual property portfolio.

Andrew Tannenbaum

Cybersecurity Counsel

Andrew Tannenbaum is Cybersecurity Counsel for IBM. As IBM’s first chief cybersecurity attorney, Andrew is the founder and leader of a global legal team that guides the company on a wide range of cybsersecurity legal, policy, and investigative matters. Working closely with IBM’s chief security officers and senior business leaders, he provides advice on areas extending from IBM’s overall corporate governance for managing cyber risk, to the company’s response to sensitive cyber incidents, to the operational details of IBM’s internal cyber program and policies. He has overseen hundreds of cyber incident response investigations worldwide.

Andrew is a recognized thought leader in the cybersecurity field. He is a regular speaker at cybersecurity events, has testified before Congress as an expert on cybersecurity law, and has appeared in publications such as the Wall Street Journal, National Journal, Politico, and CSO.

Prior to joining IBM, Andrew held several senior national security positions at the Department of Justice and the National Security Agency. He was the NSA’s first Deputy General Counsel for Cyber. He also held senior positions in the Department of Justice’s National Security Division, including Deputy Director of the Guantanamo Review Task Force, and Counsel to the Assistant Attorney General for National Security. During his 10 years in government, Andrew also served as Senior Counselor and Assistant General Counsel in the White House Office of Management and Budget; as a Trial Attorney in the Department of Justice’s Civil Division; and as an Attorney-Adviser in the Department of Justice’s Office of Legal Counsel. Andrew received a number of awards during his time in public service, including the Attorney General’s Distinguished Service Award.

Before joining the Department of Justice, Andrew was an associate at Davis Polk & Wardwell in New York and clerked for Judge Wilfred Feinberg of the United States Court of Appeals for the Second Circuit.

Similar Courses

Card image cap
65 minutes
#MeToo - Media Frenzy, New Era in Sexual Harassment, or Both?
Sexual harassment claims against celebrities and high-profile men continue to dominate media coverage in 2018. There is no question that employers are legally required to investigate complaints of harassment in the workplace and take action to punish employees who commit acts of harassment.

American Bar Association


Add to Cart
Card image cap
92 minutes
#MeToo: Empowering Employees and Employers to Address Workplace Sexual Harassment & Violence
Join our expert attorneys as they discuss how employers can work to prevent and eliminate sexual harassment and violence in their workplace, and create an environment in which employees are able to respond to and report incidents without fear of retaliation. Not only is there a deep moral imperative to rectify sexual harassment in the workplace and promote an equitable work environment, but also there is significant monetary liability as a potential consequence for employers who fail to address harassment in the workplace.

American Bar Association


Add to Cart
Card image cap
77 minutes
§ 363 Sale Issues
Dive into Section 363 sales issues, including whether there are limits to “free and clear”; the GM conflict between Sections 365(h) and 363(f) (“lease-stripping”); sales free and clear of leasehold interests, restrictive covenants and override royalties; being free and clear of successorships in CBAs; selling free and clear of environmental liabilities (La Paloma, Exide); and loan-to-own strategies.

American Bankruptcy Institute


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Previous Next