Each of my talks runs from 45-120 minutes.

I present the specific topic in 45 minutes, or really dive into it for 2 hours.

Multiple topics can also be combined into 2,3,4 or 6-hour sessions for 1/2-day and full-day events.

The agendas/descriptions for each of the topics is:

1) Social Media & Cloud Computing Threats to Privacy, Security and Liberty

Social Media has quickly woven itself into the very fabric of everyday life. This boom in sharing, even the most banal of details, has had a resounding impact on how our children, employees and colleagues communicate.

Using case studies from the US and around the world, we’ll examine how people have lost jobs, college admissions, college degrees, fortunes and freedom through (un)social media.

We’ll also investigate the rampant OVERCOLLECTION of customer and subscriber data by major corporations and governments.

We’ll also discuss some strategies and steps we can take to protect civil liberties and privacy in the age of Social Media.

This interactive and lively discussion presents an overview of US laws (HIPAA, Sarbanes Oxley (SOX), Gramm Leach Bliley Act (GLBA), PCI CISP Credit Card Compliance, the growing number of US state data breach notification laws). We trace the history of information security regulations and ID Theft. We examine credit theft and the threat it poses to the American banking industry, as well as the global economy and what governments around the world are doing to combat these crimes.

Special attention is paid to trends and growth in financial crimes, including:

* ID Theft
* Mortgage/Title Fraud
* SPAM /Botnet for Hire
* Credit Fraud
* Case Studies from around the world

Length: 50 minutes

3) Are you Googling your Clients’ privacy away?

This presentation addresses how various services offered by Google can become a threat to your companies’ privacy and confidentiality policies.

It deals with Google’s capabilities to capture and aggregate information with or without user knowledge. Special attention is given to Google’s key offerings such as:

* Google Searches
* GMail
* Orkut
* Google Toolbar
* Google Desktop
* Android
* Chrome Browser
* Case Studies from around the world

Length: 50 Minutes

4) Expanding your practice using LinkedIn

* This seminar will discuss Common myths about LinkedIn
* Proper uses and misuses of LinkedIn
* The power of LinkedIn Groups
* Case Studies examine different LinkedIn profiles, and how to create effective profiles

Length: 50 Minutes

5) Living in a MultiCompliance World – Part I HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley and PCI-DSS compliance

This presentation provides an overview of the major federal and private information security laws and regulations in the United States.

Case studies examine the real-world impact of non-compliance, analysis of documented cases and guidance on implementing multi-compliance effectively.

Length: 90 minutes

6) Living in a MultiCompliance World – Part II

This presentation provides an ovewview of the impact the 37+ state privacy breach laws have on the federal regulations and PCI-DSS compliance. We examine the New York State Privacy Breach law in depth.

Length: 90 minutes

7) Lessons Learned From the FTC

The FTC has emerged as the leading investigator of privacy and security breaches, and has sanctioned companies and institutions across industries for breaches.  This presentation reviews the FTC’s track record, examines lessons learned from each sanction, and provides guidance based on current and proposed regulations.

Over the last decade, in the absence of a national Consumer Privacy Watchdog/Czar, the Federal Trade Commission (FTC) has set the standard for what it considers acceptable, and unacceptable behavior for companies and organizations conducting business within the United States.

The FTC doesn’t involve itself in the minutae of security standards ‘ala HIPAA, PCI, etc, nor does it dictate what protocols or technologies companies need to use.  Rather, the FTC uses it’s Constitutional and Congressional mandate for regulating Interstate Commerce to hold companies accountable for their breaches.

This presentation will examine the FTC’s track record, put the sanctions in a larger context of privacy and security breaches, and most importantly, we will look at where the FTC is trending with the FTC Health Breach and RED FLAG regulations.

Length: 90 minutes

8 ) PCI Compliance is an expensive, moving target.

Many firms have chosen to become PCI compliant, others are content to sit by the sidelines and hope they won’t get caught.

Countless other firms have engaged in PCI compliance efforts, only to fall short and have significant breaches while being PCI compliant.

Pay NOW for effective, common-sense based compliance, or pay LATER in FTC fines, PCI fines and lawsuits.
Either way, you’re going to pay.

This presentation looks at a Dollars and Cents approach to PCI compliance.PCI Compliance is an expensive, moving target.

Length: 45 minutes

9) Privacy and Security Challenges With Cloud Computing for Attorneys, Accountants and Business Owners

Dropbox, Gmail, Facebook, Amazon Web Services — they’ve become part of the IT DNA.  More than that, they have become household verbs.

Individual consumers and complete corporations moving to Social Media and the cloud has had a resounding impact on how our profession manages enterprise security. In this interactive event, we’ll explore strategies for managing the risks associated with:

- Data Loss Prevention
- Brand Protection
- Privacy Erosion
- Malware Protection
- FTC’s regulatory sanctions
- Guidance from the Courts, FTC, HHS and other regulatory bodies on Cloud Computing and Social Media

This has been presented twice at NYCLA(New York County Lawyers Association)  and makes for a great ETHICS CLE for your law practice or Bar association.

Length:  45-90 minutes

10) Case Studies in Privacy and Security failures from around the globe

We examine large breaches from around the world (US, Canada, Japan, South Korea, Israel, UK, etc), focusing on the historical, cultural and social factors that contributed to the breach.

We also draw out the common threads that tie these breaches together, into a comprehensive narrative.
Length: 45-90 minutes