This session will explore the current cloud technology and legal landscape for enterprises, including issues such as: the accelerating regulatory focus on relationships with enterprise cloud service providers; the elevated importance of risk assessments, due diligence and contractual issues relating to cybersecurity and data privacy in enterprise management of third-party service provider and vendor management; the allocation of associated risk as between the service providers and their customers under a model of “shared responsibility” and the lack of understanding among customers and their advisors about how this applies to their risk management programs, and more.

Key takeaways in areas of current concern for insurance, banking, private equity and other financial services companies include, without limitation:

1.     Strategies in dealing with the challenges faced by legal and compliance professionals in providing input regarding I.T. services, where business decisions have already been made and there is pressure to avoid delaying technical innovation, as well as where understanding of the technical services and issues at hand is lacking among lawyers;

2.     Practical approaches in recognizing issues of aggregation and market dominance in the cloud services market that affects the ability of (even very large) customers to negotiate contractual risk allocation and other issues of legal and compliance concern;

3.     The importance of securing service provider transparency in communicating about potential security compromises and service provider obligations with respect to response.