Lori S. Nugent focuses her practice on cybersecurity and privacy issues, with specific focus on incident investigation and breach response, regulatory investigation and litigation, and assisting clients in staying ahead of cybersecurity risks. Lori regularly serves as lead breach response counsel, having defended hundreds of breached operations since 2003, including operations of all sizes in a wide variety of market sectors, including retail, health care, financial institutions, energy and utilities, public entities, hospitality, high tech, and higher education, as well as for a variety of professionals.
To date, most of the breached entities that Lori has defended have avoided sizable publicity, regulatory fines and penalties, and post-breach litigation. In responding well to potential and actual breach situations, Lori is able to build a record that protects a breached entity’s reputation and includes strong proof points that make a difference when regulatory investigations and class action litigation proceed in the aftermath of a breach. Because the first hours and days of responding to a breach are critical, Lori and lawyers she has trained in first response techniques are prepared immediately to help clients faced with actual or potential breach situations. When needed, we generally are able to have a qualified person at the necessary location within hours. As a breach situation unfolds, Lori is able to deploy lawyers with specialized skills sets, such as HIPAA compliance, internal investigations, and employment practices as needed. From the outset, Lori coordinates a careful, efficient, and well documented response that complies with regulatory obligations and protects the organizations she represents. Lori maintains a wide-ranging network of vendors involved in breach situations and is able to access a variety of vendors quickly on favorable terms, covering needs from forensic investigations to breach notification mailing, call centering, credit monitoring and identity restoration services, among other useful skills.
In addition to serving as a first responder to data breaches, Lori defends breached entities that are faced with regulatory investigations and class action litigation. Her understanding of the technical aspects of cybersecurity preparedness and breach response, combined with proof points developed in responding well to a breach, is a powerful weapon when brought to bear in the regulatory and litigation context. In class actions, Lori has attained precedent-setting results. She seeks cost-effective ways for clients to attain results; sometimes, taking unconventional approaches to attain quick results favorable to the client.
Lori uses experience gained in defending breached operations to advise senior management and boards of directors, helping organizations improve their cybersecurity preparedness. She works collaboratively to develop strong policies and procedures, often working with technologists to assist operations in meeting compliance goals including adoption of governmental guidance as cybersecurity expectations move toward standardization. Lori also has collaborated with insurers, brokers and companies to enhance and create insurance solutions to protect companies from the negative financial impact of cyber liabilities, including data breaches. She encourages careful analysis of cyber exposures, and facilitates thoughtful evaluation of insurance coverage and reserving options.