Outsourcing Your Cybersecurity Program: Managing Third-Party Vendor Relationships

Price: $0 OnDemand


Sign up today for an entire year of unlimited access to relevant, timely professional learning courses, including webinars, eLearning courses and OnDemand offerings, and keep your professional credits up to date. All for just $399.

Learn more about the subscription!


This is a complimentary program sponsored by IDT911.

IDT911 Logo

All parts of any organization or company are exposed to potential data breaches and hackers in today’s technology- and data-dependent world.  It is up to you to protect your customers’ information; however, internal resources can often be stretched and insufficient to protect from the greatest threats.  The solution is to find an outside partner to help develop your data breach protection and response programs; however, outsourcing can create some unique issues.

Join us for this 60-minute program to learn how to manage your relationships with vendors that are assisting you with your data breach governance program.  Our panelists will discuss how to create and negotiate effective contractual agreements with vendors; liability issues that can arise in the cybersecurity context when outsourcing your data breach response plan; and the insurance implications of working with a vendor.

Educational Objectives:
• How to create and navigate contracts with vendors
• What liabilities can arise when outsourcing a cybersecurity plan, including a discussion of insurance implications
• How to maintain effective and valuable relationships with vendors when outsourcing a data governance program

Who would benefit most from attending this program?

Information risk and technology officers at financial services institutions and insurance organizations, as well as professionals from legal and accounting firms that advise them on cybersecurity matters.




Aravind Swaminathan, Partner, White Collar & Corporate Investigations, Orrick, Herrington & Sutcliffe LLP

Mr. Aravind Swaminathan is a global co-chair of the firm’s Cybersecurity & Data Privacy team, which is nationally ranked by The Legal 500 and recognized “for having an aggressive yet practical approach to solving cyber issues.”  Mr. Swaminathan is an accomplished trial lawyer, litigator, and former federal prosecutor, with extensive experience in cybersecurity and data breaches, government and internal investigations, and privacy-related matters.  He advises clients in proactive assessment and management of internal and external cybersecurity risks, breach incident response planning, and corporate governance responsibilities related to cybersecurity.  Mr. Swaminathan has directed dozens of internal data breach investigations and cybersecurity incident response efforts, including incidents with national security implications.  He also represents companies and organizations facing cybersecurity and privacy-oriented class action litigation that can often follow a breach.  He is a sought-after speaker on cybersecurity issues, including threat landscapes, mitigation strategies, incident response plans, and threat management in mobile device ecosystems.  He also previously served on the City of Seattle’s Privacy Advisory Committee.

Mr. Swaminathan is admitted to practice in Washington state and Massachusetts.  He earned his J.D. from the Boston University School of Law and his B.A. from Cornell University.

Eduard Goodman, Chief Privacy Officer, IDT911

Mr. Eduard Goodman is an internationally trained attorney and the Chief Privacy Officer at IDT911 in Scottsdale, Arizona.  Mr. Goodman has managed global privacy, data protection and breach response programs for IDT911 for over a decade.  He sits on the State Bar of Arizona's Technology Committee and serves as the 2015-2016 Section Chair of the Technology and E-Commerce Practice Section.  He is a Certified Information Privacy Professional (CIPP) with certifications for the U.S., Canada and the European Union.  Mr. Goodman is responsible for working with IDT911's U.S., Canadian and E.U. operations in building IDT911's global data breach response programs.  He has managed over 1000+ data breaches at IDT911 and regularly writes and lectures on data protection, data security and emerging technology issues, especially those with a privacy and/or insurance angle.

Mr. Goodman received his LL.M. in International Business and Trade law at Erasmus University in Rotterdam, the Netherlands, his J.D. with dual concentrations in Intellectual Property and International law from the University of the Pacific's McGeorge School of Law and his B.A. from the University of California at Irvine.  When he isn't working or spending time outdoors with his wife, daughters and dog, he can usually be found garage welding, doing metal work or tinkering on his Jeeps.

Erez Liebermann, Chief Counsel, Cybersecurity and Privacy; VP & Senior Counsel, Regulatory Law, Prudential Financial

Mr. Erez Liebermann is the Chief Counsel of Cybersecurity and Privacy and the VP & Senior Counsel for Regulatory Law at Prudential Financial.  He acts as an advisor to the global enterprise on cybersecurity and privacy matters.  Mr. Liebermann provides counsel to the Chief Information Security Officer and works with the CISO and IT Risk on cybersecurity matters.  He works with the enterprise on response planning for a cybersecurity and privacy incident and conduct tabletop exercises.  Mr. Liebermann oversees the global hitech investigation and incident response unit and conducts outreach to law enforcement and regulatory agencies on information sharing and proactive investigations.  He also advises senior management on cybersecurity and privacy and providing updates to the Board. Mr. Liebermann earned his J.D. from Columbia University School of Law and his B.S. from the University of Virginia.