A&D companies face unique obligations in protecting sensitive data from theft, unauthorized release, and cyber intrusion. This session addresses how organizations can comply with applicable regulatory cybersecurity frameworks, prepare for incidents, and respond effectively when breaches occur.

Key topics include:

• Navigating industry-specific cybersecurity requirements, including frameworks for companies handling Covered Defense Information (CDI).
• Best practices for incident response planning, investigation, and reporting.
• Utilizing cybersecurity maturity models and assessments to enhance organizational resilience.

As data protection laws continue to evolve, organizations face increasing challenges in navigating the complexities of data breach response and notification requirements. This course provides an updated and comprehensive overview of the EU General Data Protection Regulation (GDPR) and U.S. data breach notification laws, with a focus on the latest developments and practical strategies for compliance in 2026.

Key questions addressed include:

• What are the current reporting obligations under the GDPR, and how have they evolved since its implementation?
• How do the GDPR’s data breach response and notification requirements compare to the latest U.S. state and federal laws?
• What trends have emerged in how European authorities handle data breach notifications, and what lessons can be drawn from recent enforcement actions
• How can organizations leverage longstanding experience with U.S. breach notification laws to better prepare for compliance with global regulations?

Ransomware attacks continue to escalate globally, posing serious risks to organizations and their supply chains. This session will examine current trends in ransomware incidents, share practical guidance on preparedness and response, and highlight lessons learned from advising numerous organizations affected by ransomware in recent years.

Participants will gain insight into:

• Key attack vectors and evolving tactics used by threat actors.
• Strategies for incident preparedness, response, and mitigation.
• Practical takeaways drawn from real-world experience handling ransomware events.

Smart products and internet-connected devices continue to drive innovation across industries. As companies increasingly offer software- and network-based services—often leveraging machine learning, data analytics, and customer personalization—the definition of the product or service being offered becomes more complex. Additionally, third-party or cloud-based functionality can obscure competitive landscapes and technology ownership.

This session will explore:

• Strategies for analyzing your business and competitors in a rapidly evolving technological environment.
• Approaches to protecting technology and intellectual property in smart products and connected services.
• Practical guidance on managing privacy and cybersecurity risks arising from new technology deployments.