Overview
The stakes have never been higher in cybersecurity and privacy. The recent attacks against our country’s energy and food supply, along with the growing landscape of privacy laws, provide just the latest examples of why it is imperative for organizations to address cybersecurity and privacy realities. Fortunately, Maynard Nexsen’s nationally recognized Cybersecurity & Privacy Practice offers comprehensive, custom solutions to address this pressing need. Leveraging experienced attorneys and technology professionals, Maynard Nexsen’s Cybersecurity & Privacy team provides not only the legal proficiency and technical expertise our clients expect, but an unmatched practical business sense.
Our Services
Cybersecurity & Privacy Compliance
Regardless of industry or business model, every company should have measures in place to guide the protection and use of personal information in order to reduce risk and enhance marketability. Some of the projects we support include:
- Corporate governance management and resource allocation
- Data inventory and mapping
- Privacy and security policies and procedures
- Incident Response Plan development
- Privacy by design product counsel
- Vendor and other third-party risk management
- Cross-border transfer arrangements
- Privacy and cybersecurity training
- Organizational security protocols
- Tabletop exercises
- DSAR response procedures
- Marketing/digital advertising and data sale/purchase compliance
Breach Response
Maynard Nexsen’s on-call breach response team has managed hundreds of incidents, spanning ransomware, BEC, fraudulent wire transfers, insider threats, and application vulnerabilities.
Businesses large and small face a patchwork of international, federal, and state laws and regulations, industry-specific guidelines, and common law theories of liability in the cybersecurity arena. Our breach response team counsels clients on the potential liabilities stemming from these sources and is prepared to navigate clients through incident response, internal investigations, regulatory inquiries, data breach notification laws, and civil litigation.
A timely, coordinated, and effective investigation is critical toward mitigating legal and financial exposure in the event of a data breach. Our team of experienced lawyers and technologists understand what must be done in the immediate aftermath of an incident to deliver an efficient response that complies with our clients’ regulatory landscape and in a manner that maximizes the protection of the attorney-client privilege over the investigation.
Privacy Litigation & Regulatory Investigations
Our team works tirelessly with clients to prepare them for regulatory inquiries and protect them from shortcomings in their cybersecurity and privacy programs. However, when investigations and litigation arise, Maynard Nexsen has the expertise and depth to meet those needs.
Our multi-disciplinary, experienced class action and trial teams stand ready to handle data breach and privacy cases that may be filed following a compromise of personal information. Almost all of these cases are filed as class actions, and Maynard Nexsen’s nationally-recognized Class Action Practice has a wealth of experience successfully defending clients in numerous federal and state courts across the country. In addition, our Cybersecurity & Privacy team has handled hundreds of matters before:
- State attorneys general
- FTC
- OCR
- International data protection authorities
Our team also defends causes of action arising from statutory violations of privacy and cybersecurity laws including:
- BIPA
- CCPA
- FERPA
- GLBA
- HIPAA
- TCPA
Transaction & Risk Advisory Services
Maynard Nexsen’s Cybersecurity & Privacy team supports clients through the intricate process of acquisitions and investments.
- Partnering with M&A counsel and technical diligence teams to conduct privacy and security legal diligence
- Developing comprehensive diligence memorandum with investment risk rating
- Negotiating privacy and security terms of purchase agreement
- Supporting R&W insurance diligence and underwriting
We help clients maximize the value of existing investments through Privileged Risk Assessments. Confidential and privileged risk assessment engagements include:
- Assessment of operational, legal, and compliance risk factors
- Benchmarking a company’s program against industry standards, regulatory requirements, and best practices
- Offering observations on the company’s information security and privacy practices
- Providing insight into legal, compliance, and operational risks
- Providing guidance and recommendations to remediate any identified risks and mature the company’s information security and privacy compliance programs
Through a comprehensive risk assessment process, our team examines key privacy and security domains aligned with due diligence considerations. From corporate governance to cross-border data transfers to network security and more, our guidance and recommendations remediate identified risks and mature the company’s information security and privacy compliance programs.
“The privacy group at Maynard Nexsen has helped us develop and mature a privacy program custom to our business through becoming intimately involved with the underlying aspects of our industry and specific business practices, all at a reasonable price. They have become a trusted and vital partner of both our privacy and cybersecurity departments due to their competent practical legal advice, hands-on approach and willingness to pick up the phone whenever called upon. I am hesitant to promote the practice for fear that the “secret” will get out as their firm seamlessly works with internal partners as if they are one of our own.”
-Blaine Doerrfeld, SVP, Senior Counsel, Athene
“Maynard Nexsen’s expertise and command of the Cybersecurity and Privacy subject matter is unrivaled. They maintain an extensive network of industry professionals.”
-Darrell Jenkins, VP & CISO, Clayton Technology