Cybersecurity, Privacy and Data Protection

We help businesses shape customized strategies to cope with today’s cyber threats. Morrison Mahoney’s Cybersecurity, Privacy and Data Protection team is known for proactive cyber risk assessment as well as effective breach responses.

Preventing Breaches through Proactive Counseling
Our attorneys provide practical strategies for data breach prevention, detection and mitigation. In highly regulated industries including financial services, insurance and healthcare, clients turn to us to manage regulatory compliance with international, federal and state privacy and data protection laws, including the GLBA, GDPR, NYSDFS, HIPAA, CCPA, as well as all state data protection and breach notification statutes. We help clients across all industries adopt practices that meet recognized security standards, guiding them to craft Written Information Security Programs (WISP) and to develop strategies that detect, defeat, minimize and contain cyberattacks. We team up with clients to implement important best practices, working collaboratively to preserve sensitive information, establish vendor protocols and institute employee data policies and training.

Effective Breach Response Strategies
With direct knowledge of the intricacies of regulatory compliance for data security and response protocols, our highly visible, well-coordinated and responsive team is called in to deal with investigations and launch defenses to overcome data breaches. We advise clients through complex incident responses, often taking an active role coordinating forensic investigations, restoring normal operations, and overseeing public relations and crisis communications. For insurance industry clients, we work directly with carrier providers to handle any litigation that may result from a cyberattack. With deep experience handling large multi-jurisdiction losses, we also provide claim resolution strategies to both insureds and insurers, including strategies for controlling litigation costs. Regardless of the industry, our attorneys directly address all ways to mitigate the impacts of a breach, help organizations quickly recover from business interruptions, protect leadership from liability and minimize reputational damage.

Our Cybersecurity, Privacy and Data Protection team of lawyers work with clients to:

• Develop compliant data security policies, incident response plans and corporate governance policies that protect C-Suite executives, the Board of Directors and other key personnel
• Ensure employees and officers are involved in, and approve of, cybersecurity protective measures
• Conduct risk assessment of existing IT infrastructure, working in tandem with cybersecurity consultants
• Help build awareness, implement plans to thwart offenders, and promptly respond to cyber-attacks
• Review of federal and state laws and regulation of governing industry sector boards.
• Establish reporting channels through C-Suite executives and/or Board appointed executive committees to report cyber-security measures, threats, audits, probes, surveys, crisis management and other related issues to secure and prevent data breaches at a network and employee level
• Provide executive training with an emphasis on board risk assessment responsibilities and corporate governance
• Lead employee training, education and awareness of an organization’s data security policies and procedures
• Assist with other required cyber-security considerations, such as the evaluation of specialty cyber-security or risk insurance

For more information on how Morrison Mahoney can help your business with Cybersecurity, Privacy and Data Protection, please contact one of our attorneys.