Privacy & Data Security attorneys Diane D. Reynolds and Matthew D. Lawless participated in a panel discussion following the keynote address at Technology First’s 9th Annual Taste of IT, held on Nov. 18 at the Sinclair Community College Ponitz Center. Lawless moderated the panel discussion on “Cybersecurity Compliance: If it ain't working for Anthem, Lifelock and Neiman Marcus, What am I Supposed to do for My Company?” and Reynolds participated in a dialogue along with Spencer Timmel from Hylant, Justin Root from the Ohio Attorney General's Office and Jon Adams from SALIX.
The group discussed the marquee breaches (Anthem, Home Depot, Morgan Stanley, Target, Linked In and Sony) that have helped U.S. Fortune 1000 companies understand that data security must be taken seriously. The speakers emphasized the fact that companies must invest in their data security and proactively manage and protect it. As the Fortune 1000 strengthen their collective defenses, this reduces the amount of “low hanging fruit” available to cyber criminals, forcing them to target small and medium sized companies who often have weak defenses. Currently 31% of hacks occur at companies with less than 250 employees. That percentage will increase as criminals shift their focus to what may be perceived as “softer” targets.
Reynolds has an extensive background in corporate transactional, finance and general business matters. She possesses a unique depth of expertise in privacy/data security combined with strong technology experience due to her lengthy involvement in the technology sector. Reynolds holds the Certified Information Privacy Professional/United States (“CIPP/US”) credential and the Certified Information Privacy Manager (CIPM), the global standards in privacy certification, through the International Association of Privacy Professionals (“IAPP”). She is listed as the 2016 Lawyer of the Year – Business Organizations, Columbus, Ohio by Best Lawyers in America.
Lawless is a member of the firm’s Privacy & Data Security and Litigation groups. He counsels start-up companies, banks, media companies and other businesses regarding their data collection, retention, sharing and security practices. Lawless teaches privacy law at the University of Dayton School of Law. He is a Certified Information Privacy Professional/United States (CIPP/US), Certified Information Privacy Professional/Europe (CIPP/E), and Certified Information Privacy Manager (CIPM).