Mullen Coughlin

Mullen Coughlin is the largest law firm exclusively dedicated to counseling organizations in the context of data privacy and security. Our mission is to be – and remain – the thought leader for all things data privacy and security for the cyber insurance community, including insureds, insurers and brokers. With an unmatched knowledge of data privacy and security laws and unparalleled experience in handling over 25,000 data privacy and security incidents on behalf of organization of all sizes, across all industry sectors and from all geographic locations, our attorneys are uniquely and solely dedicated to provided bespoke data privacy and security legal counsel relating to Advisory Compliance; Incident Response; Litigation; and Regulatory Investigation. If you suspect your organization is currently experiencing a data privacy and security incident, contact the 24/7/365 Mullen Coughlin Incident Response hotline at 844.885.1574 or via email at [email protected].

*Designation Date: 1/2019

Baker McKenzie

Founded in 1949, Baker McKenzie is recognized as the world’s strongest law firm brand for 12 years running (Thomson Reuters). The cybersecurity and data privacy team draws from their experience advising multinationals across sectors. With expertise on the ground across the world, they take an international coordination role and triage a breach across all markets, ensuring that nothing slips between the cracks. They have an extensive network of current and former government and regulatory contacts, both inside and outside the firm. They take a no-borders, no-boundaries approach to ensure the best multijurisdictional team for every matter. They mitigate the implications of a breach and manage any ongoing litigation.

*Designation Date: 6/2020

Octillo

Octillo is a 360-degree technology law firm and one of the few firms in the United States with a recognized focus solely on data security, privacy and technology compliance, incident response, and litigation.

As a women-owned law firm focused on providing innovative legal solutions to complex technology, cybersecurity, and data privacy challenges, Octillo partners with organizations around the globe to build privacy and security compliance programs, conduct trainings, negotiate technology contracts, respond to data incidents, prepare for regulatory investigations, and defend against consumer class actions or technology and contractual disputes. Guided by their core values of excellence, drive, and originality, Octillo works with executive leadership and cross-disciplinary teams to understand their business objectives and regulatory obligations to craft out-of-the-box, practical, and legally defensible technology, and legal strategies.

Octillo maintains the bench strength to act swiftly and the deep technical experience and forensic support necessary to navigate the early moments of an incident when a data breach or security event occurs, Octillo’s incident response team mobilizes, providing immediate, around-the-clock access to counsel. The team works with businesses across industries to devise a strategic and custom-tailored IR plan with a sophisticated incident response process. Octillo assists in preserving sensitive data and systems while restoring business operations, coordinates digital forensic investigations and insurance reporting, analyzes legal and contractual reporting obligations, works towards state, federal, and industry regulatory compliance, prepares internal and external crisis management communication plans, and provides counsel on notification and identity monitoring obligations. With offices from California to New York, Octillo provides responsive, collaborative counsel to help clients address the evolving data security and privacy landscapes and prepare for the future. The team is available when needed, maintaining a 24/7 Data Breach Hotline: 844-502-9363.

*Designation Date: 12/2020

Ballard Spahr

Ballard Spahr is a national law firm with more than 650 attorneys in 15 offices. Founded in 1885, the law firm focuses on litigation, securities and regulatory enforcement, business and finance, intellectual property, public finance, and real estate matters. Ballard Spahr’s cross-disciplinary team helps clients achieve their objectives and mitigate cyber risk. Should a cyber incident occur, their attorneys are prepared to move quickly. They have deep experience in cyber-related internal investigations, regulatory compliance and enforcement matters, cyber-related crisis management, and both civil and criminal litigation.

Their team of cyber security attorneys across the country works with clients—leveraging industry vendors when needed—on the development and implementation of programs and training protocols to identify and avoid risk. They offer comprehensive guidance on compliance and information governance, help clients assess and manage vendors, and advise on the many privacy and data security-related issues that can arise during transactions including cross border transfers, regulatory compliance, privacy and consumer marketing compliance, cyber incident planning and investigations and ligation.

*Designation Date: 7/2021

Cipriani & Werner

Cipriani & Werner is a multidisciplinary law firm with attorneys located throughout the Eastern U.S. region. With over 150 professionals in16 offices in 8 states and the District of Columbia, they are able to support the needs of their clients on both a local and regional basis.

Cipriani & Werner’s Cybersecurity practice group is uniquely equipped to assist clients in the diverse and quickly evolving field of data privacy and information security liability. Their team works with cybersecurity experts and technology firms to develop a coordinated, interdisciplinary approach to each matter confronting their clients. They draw on the firm’s experience in the insurance areas of professional liability, fidelity, healthcare, life sciences, mass tort class action litigation, commercial and employment litigation to quickly, efficiently and cost effectively assist clients. Their team works closely with companies to assist them in securing and protecting sensitive information by developing and implementing corporate governance, cybersecurity practices, incident analysis protocols and response programs. Their extensive knowledge of privacy laws, government regulations and legal strategies enables them to effectively protect clients’ privileged data and corporate assets by providing risk management advice that reduces the risk of costly breaches and data loss. Cipriani & Werner attorneys work with company management, Boards of Directors, outside vendors, and government agencies to protect the interests of their clients. Contact their Cyber Team 24/7 at 1-833-63-CYBER.

*Designation Date: 9/2021

McDonald Hopkins

The core strength of McDonald Hopkins is their 150 attorneys who work individually and together as part of specialized teams to help strategically plan for an increasingly competitive future.The firm has a 90-year history of guiding clients in various industries through the most difficult times. Our national data privacy and cybersecurity attorneys have a wealth of experience advising clients in a myriad of industries on the rapidly changing state, federal, international, and industry privacy and breach notification laws. We can also provide support on a daily basis and during investigations by state and federal regulators, as well as assistance with breach coaching and incident notification, international privacy compliance, payment cards and ecommerce, privacy litigation and class action, proactive measures and breach compliance, regulatory investigation and government response and vendor relationships. If you suspect that your organization has suffered a data breach or privacy incident, call 24/7 hotline at 855-MH-DATA1 (855-643-2821).

*Designation Date: 12/2021

Baird Holm LLP

Founded in 1873, Baird Holm LLP has a team of 95 attorneys, licensed in 22 states and is proud to represent public and private companies, individuals, private funds and other investors, financial institutions, governmental entities and nonprofit organizations. Baird Holm is a trusted counsel for clients in the time of preparation and crisis with their Cyber Law & Security group. They guide clients through implementation of data protection mechanisms, preparation of incident response plans and help clients through the legal maze of regulatory issues and requirements. They draft policies, plans, and procedures which meet the legal requirements as well as government and regulatory standards. Their team manages responses to cyber breaches, investigations and criminal and civil cases. They handle data breach investigations on state and national levels, and manage the forensic investigation and analysis to learn from incidents and respond to government inquiry or private action claims. Baird Holm does all of this with cost-effective strategies, helping their clients each step of the way through evaluation to breach response, as well as lessons learned. The emergency after-hours rapid response number is: 402-231-8585.

*Designation Date: 1/2022

Lewis Brisbois

Lewis Brisbois offers clients one-stop end-to-end legal solutions for data privacy and cybersecurity matters, including data privacy compliance, pre-incident cyber risk management, breach response, and defense of third-party claims and class actions arising out of data breach incidents. Our national Data Privacy & Cybersecurity Practice has deep experience handling sophisticated cyber- attacks and events that can compromise highly sensitive personal information. We handle cross-border data breaches, often through our alliance with firms around the world. In addition, our team draws on the talent of our 1,600+ attorneys in 55 strategically located offices to defend complex class actions arising out of data breaches and privacy violations. 24/7 Data Breach Response Hotline: 888.417.8855 and email: [email protected].

*Designation Date: 1/2022

Thompson Hine

For more than a century, Thompson Hine has been committed to excellence on behalf of their clients, their people and the communities in which they live and work. Clients rank Thompson Hine among the top firms in the United States for client service, transparency, and innovation year after year.

Thompson Hine’s nationally recognized Privacy & Cybersecurity practice offers clients an interdisciplinary group of lawyers with deep experience advising on complex data protection issues. They provide strategic counseling, regulatory compliance, and litigation services to clients in a wide range of industries. In particular, Thompson Hine frequently helps clients respond to ransomware attacks, business email compromises, and other cybersecurity incidents, and they regularly lead and direct investigations into such data security incidents and coordinate a single response process among internal and external technology consultants, insurance providers, and other key stakeholders. Thompson Hine also routinely helps clients draft and deliver personal data breach notification letters and comply with the patchwork of domestic and foreign data breach notification laws. Their team includes former White House attorneys, intelligence and national security officials, federal and state prosecutors, and other highly experienced privacy and security lawyers.

Through their SmartPaTHTM budgeting tool, Thompson Hine leverages their proprietary databases, historical repositories, and cutting-edge AI technology to create comprehensive budgets to predict costs and expenses based on their experience with similar matters. The SmartPaTHTM budgeting tool is a key part of Thompson Hine’s approach to managing and delivering legal services to achieve efficiency, transparency, and predictability without sacrificing quality.

If your organization is experiencing a data privacy or security incident, contact us 24/7/365 at ThompsonHine.com/services/privacy-and-cybersecurity/contact.

*Designation Date: 1/2022

Connell Foley

The Connell Foley Cybersecurity Privacy Incident Response Team has an impressive proven track record since entering the space in 2008. The experienced and service oriented attorneys are highly respected by clients, cyber insurers, and IR vendors. The group has cultivated strong relationships with law enforcement, DHS, CISA and regulatory bodies. Karen Painter Randall, Chair of the firm’s Cybersecurity, Data Privacy and Incident Response Group, is recognized as a national thought leader in cybersecurity across all industries, especially in healthcare, professional and financial services, education and the public sector. Connell Foley lawyers take a holistic approach to cybersecurity, frequently speaking at national conferences, publishing and serving in national cybersecurity leadership with law schools, the ABA, state bar associations and the public sector.

The Incident Response (IR) Team has extensive experience managing responses to data security incidents. Given that time is of the essence in responding to a cyber-attack, Connell Foley operates a crisis management hotline and email address — 24 hours a day, seven days a week – giving immediate access to a member of the firm’s IR Team. Such a response can help mitigate the company’s legal, operational, financial, and reputational damage and ensure that timely notifications are prepared as required by applicable laws/regulations.

Clients throughout the country value our representation in federal and state court and alternative dispute resolution forums. Our experience includes defending against regulatory investigations and enforcement actions, third-party data breach class action-related litigation, and breach of contract.

*Designation Date: 9/2022

DLA Piper

DLA Piper’s cybersecurity practice is a Tier 1, global practice, with over 180 professionals in more than 40 countries, including an integrated, highly-rated, consulting team, that can handle any cybersecurity issue, anywhere, anytime. Our team has collectively managed thousands of data breaches, and we have been retained in some of the highest-profile cybersecurity incidents. We can help solve security problems using established round-the-clock protocols for immediate coordination and response.

Whether an incident involves one or multiple countries, our team members use a common incident response protocol that is adapted to the regulatory and privilege requirements and culture of their countries without creating risk in other parts of the world. The firm works as a cohesive team bringing a coordinated response to investigations and incidents. Our global multidisciplinary team of lawyers and operational consultants advise on all issues surrounding cybersecurity, from building cyber resilience, through to incident response, and post-incident remediation, providing a holistic and tailored client service. Crisis management legal advisers are available 24/7 globally at [email protected].

*Designation Date: 9/2022

The Beckage Firm PLLC

The Beckage Firm PLLC is an exclusive law firm that counsels select organizations and high-net-worth individuals on innovation, business strategy, crisis preparedness, crisis management, and other tech and data security and privacy matters. Law firm founder, Jennifer A. Beckage, Esq., CIPP/US, CIPP/E, and the entire Beckage Team focus their law practice on innovation and technology, with a recognized focus on data security and privacy and incident response. The Beckage Firm and their team has responded to numerous headline-making, national and international cybersecurity incidents, and counseled organizations of all sizes. The Beckage Firm serves small and medium-sized organizations and international businesses.

With the rapidly changing cyber risk and information privacy landscape combined with the increase in data breaches and security incidents, The Beckage Firm recognizes the need for an agile team, ready and able to respond swiftly – their practice group aims to assist clients, particularly those in the financial sector, when a data breach or incident occurs. Their team is able to guide clients through their response with legal and contractual obligations, applicable notifications and monitoring, applicable state and federal laws and regulatory compliance, forensic investigations and notifications, data, systems and software preservation, coordinating with insurance carriers and applicable reporting, public relations and crisis management.

*Designation Date: 9/2022

Baker Donelson

For 130 years, Baker Donelson has built a reputation for achieving results for their clients, both nationally and internationally, on a wide range of legal matters. As the 82nd largest law firm in the U.S., Baker Donelson gives clients access to a team of more than 650 attorneys and public policy advisors representing more than 30 practice areas, all seamlessly connected across 23 offices to serve virtually any legal and policy need. They provide to their clients a global network of local counsel and other professionals, and have helped their clients take advantage of global opportunities in more than 100 countries spanning six continents.

Baker Donelson advises clients on a full array of legal and business issues associated with data protection, privacy and cybersecurity, including: The California Consumer Privacy Act of 2018, Blockchain and Digital Assets Technology, Data Incident Response, Data Protection for Financial Services Industry, Data Protection for Payment Card Industry, Digital Healthcare Protection and Health information Technology, HIPAA, and GDPR.

*Designation Date: 9/2022

Clark Hill

Clark Hill’s Cybersecurity, Data Protection, and Privacy attorneys advise clients on emerging challenges related to today’s digital economy. Combining legal and non-legal skills, our attorneys, ethical hackers, and former military and intelligence technologists provide a holistic approach to identifying, mitigating, and responding to cyber threats.

When a security incident occurs, our 24/7 Rapid Response Team addresses legal, technical, and operational challenges that arise. Our multi-disciplinary team manages the end-to-end process from containment to recovery, minimizing operational disruption, negative repercussions, and costs. Post-incident, we help clients ensure vulnerabilities have been remediated and implement new practices, tools, or procedures to strengthen their cyber resiliency.

Our attorneys also represent companies facing data security and privacy regulatory investigations and litigation, including class actions. We have successfully represented clients in multiple industries in disputes related to privacy, invasion of privacy, contracts, consumer fraud, statutory claims, and other matters. With experience before federal and state trial and appellate courts, our attorneys have litigated cases of first impression establishing favorable law, including obtaining summary judgment in a class action case alleging damages from the theft of a hard drive, and successfully defending a hospital system against a class action arising out of a ransomware attack.

*Designation Date: 10/2022

Freeman Mathis & Gary, LLP

Valuable business outcomes demand high-quality legal work and lawyers who apply business sense to every step in the process. That’s the power of FMG Law: a law firm with national reputation, local knowledge, and personal attention to its clients. The firm’s success has led FMG Law to become one of the fastest growing law firms in the county, with over 300 attorneys nationally in 29 offices in 15 states.

Our Data Security, Privacy, & Technology practice group is an interdisciplinary team of attorneys across FMG’s office locations that stays on the edge of legal developments affecting our clients in the digital age. We advise and represent businesses in all facets of data security, privacy, and technology law and litigation. We work with clients proactively on compliance with the ever-changing regulatory landscape of data security and privacy law, including development of policies, procedures, training, and contracts to avoid legal problems before they start. When a ransomware attack or data security incident occurs, we serve as breach counsel to provide comprehensive assistance to our clients to navigate the investigation and notification requirements that must be followed. After an incident, we defend clients against government investigations or enforcement actions, as well as third-party litigation such as class action lawsuits by customers or clients and all manner of Technology Errors & Omissions (Tech E&O) claims.

*Designation Date: 11/2022

Godfrey & Kahn

Godfrey & Kahn is a full-service corporate law firm based in Wisconsin. We focus on providing our clients—both nationally and locally—with high quality legal services accompanied by a Midwest approach. Our approach, over the firm’s 65-year history, is to judge our success by the success of our clients. Recognizing that our clients face an ever-increasing threat of breaches, Godfrey & Kahn built a well-credentialed cybersecurity team devoted to guiding clients through every aspect of the breach lifecycle. We leverage our skills and experience to help clients prepare for and respond to a breach—so they can get their operations back online as soon as possible and, in the common event of post-breach litigation with another business or a putative class of plaintiffs, rest assured that their best interests are being protected throughout.

*Designation Date: 1/2023

FisherBroyles

Founded in 2002, FisherBroyles, LLP is the first and largest full-service, distributed law firm in the world, and is ranked by The American Lawyer as one of the 200 largest law firms by revenue. The Next Generation Law Firm has grown to approximately 300 partners in more than thirty jurisdictions in the U.S. and UK. Our firm only offers legal services by experienced partners who have the most relevant expertise for your matter. This unique structure maximizes efficiency, responsiveness, and value.

FisherBroyles knows as well as any other business the critical nature of technology and the profound role that computers and computer networks have in the lives of our clients. Today’s paramount concerns about identity theft, personal privacy and data integrity have led to an increasing array of legal obligations facing businesses as they use and handle personal and other sensitive information. FisherBroyles helps its clients navigate this rapidly developing area of the law by leveraging its Next Generation practice model and the unique combination of talent combined with the careful yet practical approach that FisherBroyles brings to every engagement.

Our Cyber Team consists of experienced partners counseling businesses in all industry sectors in cyber incident response, third-party liability defense, and corporate security and privacy counseling.

*Designation Date: 1/2023

Dykema Gossett PLLC

Dykema’s Data Privacy and Cybersecurity team is a multidisciplinary group of attorneys with extensive experience working closely with clients to address and to reduce their privacy and data security risks and exposures. Our team’s various areas of expertise and depth of experience are invaluable to our clients in an era of rapidly expanding regulatory requirements for pre-breach cyber security, post-breach response as well as business practices involving the collection and use of consumer information. Available 24/7 to assist clients in the aftermath of a privacy or data security incident, we also help our clients mitigate and contain regulatory and litigation exposure, as well as cyber risk. Our attorneys, many nationally recognized and Chambers-ranked leaders in their areas of expertise are smart, sophisticated, broadly skilled and deeply knowledgeable. Delivering extraordinary client service is at the heart of our close collaboration and cost-effective partnerships with our clients. It is the hallmark of who we are and has defined us as a firm for nearly 100 years.

What’s more, we’re not just committed to diversity – our firm has achieved the highest certifications and levels of industry recognized achievement in diversity commitment.

Cinthia Granados Motley is the Director of Dykema’s Global Data Privacy and Information Security Practice Group and Dykema’s Business Litigation Practice Group. She has both a recognized U.S. and international practice assisting clients with implementing effective information security practices, addressing current and emerging regulatory compliance issues including cross-border data transfer and information governance as well as litigation readiness and regulatory inquiry matters. Cinthia routinely acts as incident response counsel to national and multi-national entities, as well as privacy litigation counsel. In her litigation practice, she handles consumer and privacy litigation, international contract disputes, ERISA, e-discovery and both directors and officers as well as professional liability matters. She routinely counsels clients in complex commercial disputes both domestically and abroad.

Kimberly Holmes is Senior Counsel for the Chicago office of Dykema Gossett PLLC. In that capacity, she oversees and manages the firm’s incident response program as well as data privacy and security matters for the firm on behalf of client ranging from Fortune 100 and 200 companies to midsize organizations across multiple industry verticals. Having over twenty years of executive and management experience in the specialty lines insurance industry, Kim collaborates with insured clients, brokers, industry experts and carriers as needed to achieve optimal business solutions across multiple industry landscapes.

*Designation Date: 2/2023

Kennedys Law

Kennedys is a global law firm that provides an array of legal services. Kennedys operates across 70+ offices and associate offices in 30+ countries, including nine offices across the US. Kennedys provides cyber legal services in incident response, cyber litigation, data compliance and licensing, and other cyber-related matters on both local and international levels. For incident response, our team can provide you and your insured with primary, boots-on-the-ground support in various regions around the globe and secondary support for cross-border breaches. Our privacy and data breach litigation practice can defend your insureds against government enforcement actions, and in B2B and class action lawsuits that arise post-incident. In addition, we offer post-incident management services to help companies mitigate the risk of tomorrow’s attacks and exploits, and prepare for litigation. We also can arm your claims representatives with advice and guidance as trusted advisors, monitoring complex data breach litigation, counseling on matters involving strategy, exposure, and where the opportunity arises, settlement value.

*Designation Date: 2/2023

Constangy, Brooks, Smith & Prophete, LLP

The Cyber Team at Constangy, Brooks, Smith & Prophete, LLP has unparalleled experience assisting clients facing data security incidents. Our Team has managed thousands of responses to data security incidents on behalf of businesses of all sizes and industries. We have dealt with every kind of data security incident, from insider threat activity to business email compromises and ransomware attacks. We make it a priority to earn the trust of the clients we serve and are committed to providing service that is responsive, respectful, reliable, and relevant.

Our Team includes experts of incredibly diverse backgrounds. Our experienced attorneys have extensive law enforcement and regulatory experience, including former federal prosecutors, former state prosecutors, a former FBI cyber agent, former privacy officers, and former regulators, several of whom have at least 15 to 20 years of experience working with data privacy laws and/or managing responses to information security incidents. The Team is distributed across four domestic time zones with members in 17 cities and 12 states, allowing us to immediately assist clients wherever they are located.

We are known for rapid response and hotline management. In the event of a breach or data compromise, the Constangy Cyber team is here to help. You can reach us 24 hours a day, 7 days a week at [email protected] or #877-382-2724 (877-DTA-BRCH).

*Designation Date: 2/2023

Dolden Wallace Folick LLP

Dolden Wallace Folick LLP, Canada’s specialty insurance law firm, has been providing legal services since 1994. Dolden has a diverse cyber and privacy liability group. Dolden’s cyber team consists of skilled lawyers who work diligently with clients on a variety of cyber matters, including cyber coverage advice, breach coach services, drafting of policy wording, and the defence of privacy claims and class actions. Dolden provides timely, strategic and practical legal advice and expertise for all types of cyber and privacy claims, including ransomware, business email compromise, social engineering attacks, employee theft and error, and website manipulation. Dolden is a pioneer in developing “made in Canada” cyber policy wordings for international insurers and in 2020, Dolden authored the very first cyber textbook providing a comprehensive review of cyber liability and insurance in Canada.

*Designation Date: 5/2023

Pinsent Masons LLP

Pinsent Masons LLP is a global law firm with a market-leading and substantial team of dedicated cyber-specialists across Europe, the Middle East, Africa, and Asia Pacific advising on a broad range of cybersecurity and data risk matters, including the regulatory investigations and litigation which might follow. We are frequently instructed on cross-border incidents which demand a highly co-ordinated response from our global cyber team, comprising over 50 core members. Our expert team is diverse and has a wealth of experience in advising clients across all sectors on matters which can involve multiple notifications to the market, regulators, individuals, contracting parties / the supply chain, and engagement with law enforcement bodies. We sit on numerous global insurers’ cyber panels, which means we are very familiar with reporting lines, the approach insurers will expect and of the importance of the insurer/insured relationship. Our cyber crisis hotline is available 24/7/365 via [email protected] or by one of the following numbers:

• UK +44 20 7741 6127
• Ireland +353 1525 5000
• France +33 1 82 88 25 00
• Germany +49 8926 207 4600
• Hong Kong +852 5806 7000
• Singapore +65 3165 6500
• UAE +971 4 373 9761

*Designation Date: 9/2023

Buchanan Ingersoll & Rooney PC

Buchanan is a full-service law firm with a proven history of providing progressive, industry-leading legal, business, regulatory and government relations advice to our regional, national and international clients. The firm’s 450 attorneys and government relations professionals across 15 U.S. cities proudly represent some of the highest profile companies in the nation—well-known names that include many of the Fortune 100. The Buchanan Cybersecurity and Data Privacy group consists of a core team of lawyers and cybersecurity experts with a wide range of experiences dedicated to helping clients achieve the level of cybersecurity preparedness they aim for and meets the standard of care appropriate to their industry and data processing practices and, when necessary, respond swiftly and effectively to security attacks and incidents. Our Cybersecurity and Data Privacy group also provides skilled and thoughtful counseling for clients as they endeavor to build a privacy law compliance program to meet the demands of the highly fragmented regulatory landscape. As needed in both cybersecurity and data privacy matters, we supplement our highly experienced and credentialed team with lawyers skilled in disciplines such as employment, healthcare, securities, technology transactions, and litigation as needed to address.

Our team is credentialed by multiple cybersecurity and data privacy organizations with certifications including CIPP/US, CIPP/E, CIPM, and Security+.

*Designation Date: 10/2023