Who We Are and What We DoEvery organization faces internal and outside threats to the security of its data. Data breaches can result in significant financial and reputational costs. Companies, institutions, and organizations must anticipate cybersecurity challenges and react to cyber events swiftly and definitively. Our multidisciplinary team of attorneys—with extensive investigative and crisis management experience in government, in-house, and private practice—helps clients manage cyber risk, determine the extent of breaches, navigate the evolving landscape of cybersecurity and privacy law, and manage a wide variety of post-breach contingencies. Our services include:
Cyber Event Preparation
Preparation is the best defense against cybersecurity risks. Our team, which includes Certified Information Privacy Professionals and several former state and federal prosecutors, advises clients on data and privacy risks and protections before an incident occurs. We’ve helped clients build security incident and data breach response plans, conducted privacy and data assessments, and advised on cyber insurance planning and coverage. We provide training materials and lead exercises—including simulated breach and mock drills—for attorneys, company officials, and boards. We also assess clients’ compliance with state and federal laws, regulations and regulatory guidance, and industry-specific best practices.
Incident Investigation and Response
When a potential data security incident occurs, it is important to find out what happened—and fast. Our team conducts privileged investigations that include systems reviews, assessments of the nature and scope of the incident, and coordination with third party experts to analyze impacted data and perform fraud analytics. Our deep bench of attorneys with prosecutorial and regulatory experience has the right relationships in place to best protect against risk, trigger the interest of law enforcement when such a focus would be helpful, and facilitate contact with regulators assessing our clients’ conduct and protections. We will continue the representation through advising on disclosure requirements, insurance coverage, and the appropriateness of public statements regarding cybersecurity risks and incidents.
Cybersecurity events present not only legal risk, but risk to one’s reputation. We assist clients in preparing to quickly and confidently answer questions from the board of directors, other stakeholders, the media, regulators, customers, and the public at large—and to do so in a way that preserves legal defenses, the protected nature of our work, and brand integrity. Our attorneys have deep experience in managing crises and solving problems with a variety of stakeholders. We manage rapid response to inquiries, assist management in briefing executives, and if necessary, engage public relations professionals to assist in developing an effective outward-facing strategy.
Data Breach Litigation
The scale of post-breach litigation continues to expand, and the jurisprudence in breach cases across the country continues to evolve. Our highly experienced litigators know how to both achieve quick resolutions and manage complex long-term disputes. Our team has successfully tried high-stakes cases in federal and state courts across the country. In particular, we have extensive experience with nationwide class action litigation in some of the most difficult jurisdictions in the country, and we have litigated well over 100 class actions in more than 30 states. With the breadth and depth of our trial experience, we handle every phase of litigation, from pre-suit investigation to trial and appeal.
We deliver value to our clients and align our pricing mechanism with our clients’ business needs and expectations. Our partners become fully invested in each matter because effective advocacy is a hands-on venture, and we believe that lean investigative and litigation teams can deliver great results in a much more cost-effective way.