Cyber Security and the Law: Addressing Compliance, Complexity, and Confusion


The Cyber Security Industry Alliance and The Critical Infrastructure Protection Program at George Mason University School of Law present a three-part symposium on the emerging landscape of cyber security legislation and compliance. The frequency and complexity of legislation surrounding cyber security has exploded in the past two years. As our lives and commerce become increasingly dependent on IT systems, the interaction of existing laws and proposed legislation becomes more and more complex. This symposium series explores the complex emerging framework of multi-level legal and technology compliance requirements.


March 22 (State Level)
April 26 (Federal Level)
May 26 (International Level)

Space is limited
RSVP now to Amy Cobb, 703-993-8193 or [email protected]

The symposium series will be held at 6:15 pm on March 22; the April 26 session will be held at Holland & Knight LLP's offices at 2099 Pennsylvania, conveniently located near the Foggy Bottom Metro Stop (Orange & Blue Line); the final session of this three-part series will be held May 26 near Capitol Hill. A keynote speaker or panel will focus on a specific legislative and compliance arena each evening, with a wine and cheese discussion and reception to follow.

State-Level Cyber Security Compliance
Tuesday, March 22 (GMU Law School Main Atrium)
6:15-8:00 pm

California's passage of Senate Bill 1386 places the burden on businesses, no matter where they are based or where they process information, to take "adequate measures" to protect the personal information of California residents. The national impact of this requirement could be profound. Similarly, a recent scan of a legislative tracking service showed that over twenty five state legislatures have proposed legislation that touches upon "spyware," each with potentially different definitions and exceptions. This session will hone in on state-level developments that may develop in conflict with other states and that may impact clients in various ways across state lines.

Invited speakers include…

David Albo and David Oblon of Albo & Oblon LLP. David Albo proposed Virginia's anti-spam law; David Oblon defended one of the first cases prosecuted under the law. Hear the two partners provide perspective on both sides of the issue, as well as the outline of other emerging state-level compliance issues from across the nation.

Federal-Level Cyber Security Compliance
Tuesday, April 26 (Holland & Knight LLP - 2099 Pennsylvania Ave, N.W.)
6:15-8:00 pm

Sarbanes Oxley, HIPAA, and the Telecommunications Act of 1996 were all originally passed to deal with non-cyber security issues - yet each affects how data is transmitted, processed and compiled. The development of case law interpreting these statutes is also likely to determine how broadly federal law impacts cyber security. This session explores the federal landscape and the potential trajectory of judicial interpretation.

Speakers include:

  • Michael Sozan, office of Senator Bill Nelson (D-FL)
  • Frank Cavaliere, office of Senator George Allen (R-VA)
  • Rod Nydam, GMU
  • Jessica Herrera, Minority House Homeland Committee
  • Steve Devine, Majority House Homeland Committee

International-Level Cyber Security Compliance
Thursday, May 26 (Capital Hill or Holland & Knight)
6:15-8:00 pm

If state and federal law appear inconsistent, federal and international law are even more so. Tonight's session will set forth the existing pieces of the international cyber security puzzle, identifying places where diplomacy and concerted effort may be able to harmonize legal issues across borders.

Invited speakers include…

Jody Westby, Chair of the ABA's International Cybercrime Project

Space is limited RSVP now to Amy Cobb, 703-993-8193 or [email protected]

CLE credit may be available