Our Cyber Risk Attorney Services
Our lawyers have a wealth of experience addressing cyber and data incidents, including through our decades of experience working with major insurance companies and corporate policy holders. From phishing and hacking to social media storms and accidental IT failures, we have handled cyber incidents involving loss of data or money and significant business interruption. From first response and regulatory reporting to the resolution of third party claims, we rapidly identify the issues and help manage the exposures to achieve cost effective outcomes.
Our team of privacy and cyber security lawyers has advised clients on some of the largest data security breaches in recent years, and works with clients every day to manage compliance and response following information incidents and cyber attacks. Our breach response team offers 24/7 availability and is able to respond to incidents quickly with a well-developed plan. We can also work as part of an existing incident response team. As breach coach, we will work with you and your policy holder to effectively plan for and respond to cyber security incidents, retain relevant professionals such as data security specialists, identify and comply with breach notification obligations, manage crisis communications, and minimize future liability and business risk. We also represent clients facing litigation or regulatory actions related to data breaches, including under HIPAA and GDPR.
We have successfully addressed incidents in the finance, professional services, healthcare, retail, manufacturing, technology, non-profit, university, and government sectors, and are adept at working
with non-profits and regulated entities that have an additional layer of stakeholders to consider when managing an incident. Whether insider threats, data access or integrity attacks, electronically initiated fraud or traditional computer exploitation and data loss, our team understands that competence, planning, and resilience are critical to successful incident response.
Womble Bond Dickinson’s Privacy and Cyber Security team includes data generalists and lawyers with a wealth of experience in the healthcare, financial, communications, insurance and retail industries as well as working with universities and government. This team also features a former cyber crime prosecutor of the US Department of Justice with experience investigating and prosecuting cyber crimes.
What we do
- Investigate data incidents and help coordinate the client’s response, preserving privileges and minimizing legal, reputational, and business risk
- Advise on cyber policy coverage
- Manage interactions with regulators and law enforcement
- Ensure compliance with breach notification laws, regulations, system rules and contract obligations, including GDPR and HIPAA
- Devise response plans which benefit both clients and affected third parties
- Create e-discovery strategies including preservation, collection, and review
- Manage and/or represent clients in any litigation, regulatory actions, or other investigations arising out of cyber security incidents
- Contribute to a lessons-learned review of the incident to mitigate future risk and minimize legal liability
- Lead data audits and analysis of how data flows and computer systems impact cyber risk and associated legal obligations
- Assist with creation of incident response plans and data policies and procedures
- Draft cyber policy wordings
- Provide data protection and incident response training to executives, risk teams, technologists and client’s employees
- Assist with creation of Incident Response Team
- Facilitate table-top training exercises for IRT, C-Suite and board of directors
- Listen to and advise clients on protections and processes built for the precise needs and obligations of that business