Skip to main content

New Cybersecurity Requirements for 2020: What States Are Doing to Standardize Requirements for Financial Institutions and Insurers


Speaker(s): Brian L. Hengesbaugh, Harry A. Valetk, Nubiaa Shabaka
Recorded on: Apr. 15, 2020
PLI Program #: 298336

Brian Hengesbaugh is Chair of the Firm's Global Data Privacy and Security Business Unit, a Member of the Firm's Global IP Tech Steering Committee. Brian is listed in The Legal 500 Hall of Fame and was recognized as a Regulatory & Compliance Trailblazer by the National Law Journal. He is also listed as a Leading Lawyer for Cyber law (including data protection and privacy) in The Legal 500 and is listed in Chambers. Formerly Special Counsel to the General Counsel of the US Department of Commerce, Brian played a key role in the development and implementation of the US Government’s domestic and international policy in the area of privacy and electronic commerce. In particular, he served on the core team that negotiated the US-EU Safe Harbor Privacy Arrangement (Safe Harbor), and earned a Medal Award from the US Department of Commerce for this service. In addition, Brian participated on behalf of the United States in the development of a draft Council of Europe Treaty on Cyber Crime, and in the negotiation of a draft Hague Convention on Jurisdiction and the Recognition of Foreign Judgments. Brian has been quoted in the Wall Street Journal, New York Times, Forbes, CNET, Slate Magazine, Compliance Weekly, BNA Bloomberg, PCWorld and other news publications on global privacy and security issues.

Practice Focus

Brian provides advice on global data privacy, data protection, cybersecurity, digital media, direct marketing information management, and other legal and regulatory issues. He focuses on these issues in the context of: (i) advisory matters, such as new privacy and security laws and regulations, as well as technology transformations related to IoT, blockchain, mobile, cloud, data monetization, and other initiatives; (ii) transactional matters, such as mergers & acquisitions, sourcing, distributor, business partner, and other third party arrangements; and (iii) crisis matters, such as data security events, regulatory and governmental inquiries related to privacy and security issues, internal investigations, and litigation-related matters.

Brian's practice covers privacy and information management, with emphasis on regulatory and transactional issues, including data security and information technology, privacy and data protection, sourcing, digital and electronic signatures, email and telemarketing, social media, cyber crime, and jurisdiction and the enforcement of foreign judgments.

Professional Honors

  • Legal 500 Hall of Fame 
  • Leading Lawyer in Technology: Cyber law (including data protection and privacy), Legal 500 USA, 2009-2017
  • Regulatory & Compliance Trailblazer, National Law Journal, 2015
  • Recognized in Privacy and Data Security Law, Best Lawyers in America, 2016-2017

Professional Associations and Memberships

  • American Bar Association - International Law Section
  • International Association of Privacy Professionals (IAPP) - Former Advisory Board Member

Admissions

Illinois~United States (2004)

Indiana~United States (1995)

Education

University of Minnesota Law School (J.D. cum laude) (1995)

Central European University (Budapest) (Certificate) (1993)

Washington University (A.B. Economics) (1991)

Languages

English

German


Harry A. Valetk is a Partner in Baker McKenzie’s Global Privacy and Security Practice Group based in New York, where he advises global organizations on privacy and data security compliance requirements. He regularly supports companies in the insurance and financial services sector, pharmaceutical/ healthcare, hospitality, cloud technology, and manufacturing industries.  His practice is focused on delivering commercially practical advice on designing security, privacy, and technologically compliant solutions. Harry's practice routinely covers issues that range from supporting M&A transactions that result in cross-border data transfers, to digital marketing, regulatory enforcement defense, and cyber security and data breach incident response. He also helps clients perform privacy risk assessments for highly-regulated entities on numerous data protection topics, including the California Consumer Privacy Act (CCPA), GDPR,HIPAA, GLBA, the Children’s Online Privacy Protection Act (COPPA).  Before joining the Firm in 2014, Harry was Director of MetLife’s Global Privacy Office.  Before MetLife, Harry led the video game publishing industry’s privacy compliance efforts as the Director of Privacy Online for the Entertainment Software Rating Board and its COPPA Safe Harbor Seal Program. Finally, Harry served as a trial attorney for the U.S. Department of Justice, Civil Division.


Nubiaa Shabaka is AIG’s Chief Cybersecurity & Privacy Legal Officer.  Her responsibilities encompass overseeing all legal aspects of AIG’s global cybersecurity, information security, data protection and privacy programs.  Prior to joining AIG in January 2019, Nubiaa was the Chief Global Cybersecurity Legal Counsel and Chief North America Privacy and Data Protection Legal Counsel at Morgan Stanley.  Prior to her 11 years at Morgan Stanley, Nubiaa was a technology associate in Proskauer Rose’s New York office for almost 6 years.  She earned a Bachelor of Arts, magna cum laude, from New York University and a Juris Doctoris from Harvard Law School.