Our team of data security attorneys brings a wealth of experience to advise on how to prepare for a data security incident, as well as to evaluate how well a company’s practices and procedures would hold up if examined by a regulator or a plaintiffs’ lawyer. This is especially critical as we see an increase in data breaches combined with an increasingly complex regulatory scheme drive more scrutiny around companies’ data security practices. In particular, what companies did before a breach to ensure they could respond quickly and appropriately is key. For example, our team routinely assists clients with:
- Evaluating cyber insurance policies to identify gaps in coverage and flag “no pay” events;
- Drafting or revising data security incident response plans to ensure alignment with best practices for responding to a cybersecurity incident;
- Reviewing a company’s written information security plan (WISP) to confirm compliance with the data security specifications set forth in myriad laws;
- Negotiating and abstracting third party agreements to ensure proper data security requirements are in place and obligations are incorporated into a company’s incident response plan.