Amid urgent national security, cybersecurity and data privacy threats, companies require deeply experienced counsel to respond strategically to potentially crippling data incidents, so they can get back to business. Led by the nation’s leading legal advisors on national security and data-related regulatory matters, we help boards and top executives safely navigate high-impact breaches and related cyber incidents, and offer specialized regulatory advice in the transactional and compliance contexts.
Our Practice
Our Cybersecurity & Data Protection team provides tactical, real-time advice to the world’s leading companies and boards on complex, high-stakes cyber incidents, national security, and data privacy and protection matters, whether in the regulatory, litigation or transactional context.
The team is led by one of the country’s most preeminent national security lawyers and architect of the modern cybersecurity regime; a former leading member of Special Counsel Robert Mueller’s team who spearheaded investigations of Russian cyber, social media and intelligence efforts to influence the 2016 presidential election; and a former U.S. Secretary of Homeland Security. The broader team includes a former Treasury Department deputy general counsel with responsibility for data protection and cybersecurity matters affecting the financial sector; a former Assistant U.S. Attorney in the Southern District of New York who served as Chief of the Complex Frauds and Cybercrime Unit; and several former Federal Trade Commission officials, among others.
Companies experiencing breaches impacting national security laws or accused of misuse of consumer data need comprehensive advice. We help clients safely navigate the full spectrum of challenges, from media scrutiny and reputational damage to potential business impacts, government investigations and enforcement actions, congressional investigations and private litigation—including class actions and derivative litigation targeting boards. We are adept at providing real-time guidance in the immediate aftermath of an incident and at responding to the longer-term litigation and regulatory fallout, drawing on our preeminent litigation, white collar and regulatory defense, investigations and antitrust teams.
We also focus on stemming problems before they arise. In a compliance context, we can help in:
- understanding fast-changing regulations, regulatory expectations, disclosure obligations and industry standards related to cyber- and national security and data privacy;
- developing “best in class” compliance frameworks to identify and address data collection, sharing, use and retention practices that may give rise to national security, privacy, consumer protection or other regulatory risks;
- analyzing the viability, legality and risk of proposed products, practices and business models in connection with national security laws or privacy regulations;
- crafting national security, cybersecurity and privacy policies and procedures tailored to both external and internal risks; and
- reviewing and implementing crisis management and disaster recovery plans.
In the transactional context, we have advised private equity investors and public companies on national security, privacy and cybersecurity risks and potential mitigations concerning hundreds of transactions in recent years, including those involving technology, fintech, health care, consumer marketing and other businesses, among many others.