Agentic AI Governance: Cybersecurity, Liability, Guardrails
Lessons From OpenClaw and Moltbook; Skill and Extension Risks; Hallucinated Misrepresentations; Agentic Fraudulent Activity
About the Course
Introduction
This CLE webinar will examine how corporate counsel should evaluate, govern, and document enterprise use of agentic AI, including systems that can autonomously execute multi-step actions, access enterprise tools, and rely on third-party extensions or "skills." The panel will use recent OpenClaw and Moltbook storylines as the launch point to a discussion of legal risk across cybersecurity, data security, vendor management, and internal governance, including what happens when agents act faster than humans can supervise and when permissions are broader than intended.
Description
As agentic system adoption accelerates, legal departments are increasingly participants in risk abatement efforts, including authorization boundaries, data handling and access controls, human-review thresholds, auditability and logging, and incident response.
The panel will examine hallucination-driven misrepresentation, fraud, and social engineering pathways that exploit agent workflows and contracting for risk allocation among platform providers, deployers, and enterprise users.
Listen as our panel navigates building defensible governance frameworks and agreements for agentic AI deployment at enterprise scale and preparing for disputes, investigations, and board-level oversight.
Presented By
Dr. Daswani is a globally recognized cybersecurity expert and co-author of the books “Big Breaches: Cybersecurity Lessons For Everyone” and "Foundations of Security: What Every Programmer Needs to Know." With over two decades of experience, he has helped companies across various industries address emerging threats and strengthen their cybersecurity posture.
Mr. Roosa builds technical solutions, with an AI focus, to help clients tackle difficult legal challenges. He works with legal and technical teams to access hard-to-get technical artifacts and then leverages AI and other technologies to identify issues, propose mitigations and reduce risk. On the privacy front, Mr. Roosa created and maintains NT Analyzer, the firm’s comprehensive privacy testing solution that evaluates the data collection footprint of clients’ websites, mobile applications, connected TV apps, and other varieties of network-aware products and services. His clients include global companies that span a wide range of industries, including, for example, media companies, financial service entities, pharma and life sciences companies, large retailers, hospitality providers and airlines.
Mr. Szewczyk is a partner in Ballard Spahr’s Denver and Boulder offices, Practice Leader of the Privacy and Data Security Group, and co-leader of the Artificial Intelligence Team. He leverages a career that includes both high-stakes transactions and litigation to help companies take a practical approach to assessing risk and complying with the ever-expanding patchwork of state, federal, and international privacy and data security statutes and regulations.
-
This 90-minute webinar is eligible in most states for 1.5 CLE credits.
-
Date + Time
- event
Thursday, May 14, 2026
- schedule
1:00 PM ET/10:00 AM PT
I. Agentic AI, what makes it legally different
A. Autonomy, persistence, and multi-step execution
B. Risk from tool integration and permissions
C. How "confirm before acting" can fail
II. Lessons from OpenClaw and Moltbook
A. Operational failure: action without meaningful confirmation, containment challenges
B. Content streams creating attacker-influencable input channels
C. Durable governance requirement
III. Cybersecurity and data security considerations
A. Agent identity, isolation, privileges, credential management
B. Data classification for risk control
C. Incident response planning and best practices
IV. Misrepresentation, fraud, and downstream harms
A. Hallucination-driven misrepresentation and resulting losses
B. Fraud vectors: agent-mediated installs, credential capture, and impersonation
C. Litigation and evidentiary issues: logs, attribution, and "who approved what"
V. Governance and oversight expectations
A. Role definition: legal, privacy/security, procurement, and product ownership
B. Approval gates and escalation triggers
C. Board and executive reporting, documenting decisions
VI. Contracting and deployment guardrails
A. Vendor diligence regarding model/agent scope and versioning, allowed data use, audit rights
B. Treating "skills"/extensions as part of supply chain management
C. Allocating risk: provisioning security obligations, indemnity, limitations, and incident cooperation
VII. Practitioner takeaways
The panel will explore these and other key areas:
- Why agentic AI has different legal exposure from "output-only” AI tools
- How OpenClaw and Moltbook lead us to enterprise legal controls
- Structuring governance, managing hallucination and misrepresentation, and understanding reliance risk in business workflows
- Addressing fraud vectors and social engineering patterns in agent execution and installs
- Allocating cybersecurity and data security risk in vendor, platform, and deployment contracts, including third-party “skills” providers
Related Courses
Agentic AI Governance: Cybersecurity, Liability, Guardrails
Thursday, May 14, 2026
1:00 PM ET/10:00 AM PT
In-House Counsel Depositions: Navigating Complex Legal and Ethical Issues
Monday, April 13, 2026
1:00 p.m. ET/10:00 a.m. PT
Recommended Resources
