Incident Response & Breach Coaching – Guide private-sector companies through security incidents, including overseeing of forensic investigations and analyzing federal, state, and international breach notification laws.
Regulatory Compliance & Legal Advising – Advise on federal and state data security laws and industry requirements, such as NY DFS, GLBA Safeguards Rule, CISA Security Requirements for Restricted Transactions, and PCI-DSS.
Security Frameworks & Best Practices – Provide strategic counsel on common security frameworks, including CIS 18, NIST CSF, and ISO 27001/27002, and international requirements such as the EU DORA and Cyber Resiliency Act.
Policy & Governance – Draft, review and assess information security policies and governance documents.
Technology Fluency – Understand and apply technology-driven solutions in legal contexts as it relates to all of the above.