Maynard Cooper & Gale and Nexsen Pruet have agreed to merge on April 1, 2023. Together we will be Maynard Nexsen.

Read More

The stakes have never been higher in cybersecurity and privacy. The recent attacks against our country’s energy and food supply, along with the growing landscape of privacy laws, provide just the latest examples of why it is imperative for organizations to address cybersecurity and privacy realities. Fortunately, Maynard’s nationally recognized Cybersecurity & Privacy Practice offers comprehensive, custom solutions to address this pressing need. Leveraging experienced attorneys and technology professionals, Maynard's Cybersecurity & Privacy team provides not only the legal proficiency and technical expertise our clients expect, but an unmatched practical business sense.

Our Team

Get to know the Maynard Cybersecurity & Privacy team: approachable leaders who simplify the complex.

“We look at issues practically and strategically. What does the law require? What risks do we need to manage and mitigate? What are the critical business considerations? We then focus on delivering practical solutions that are aligned with this backdrop, framing the issues in the optimal way for both internal and external audiences.”
- J.T. Malatesta, Practice Group Chair

“Regardless of the situation in which we’re interfacing with our clients, we want them to feel like we’re on the same team working towards a common goal. They should see us like a favorite co-worker who happens to have a different email domain, not a faceless service provider.”
- Starr Drum, Shareholder - Privacy

"We are in the business of crisis prevention as well as crisis management – we strive to help our clients prevent fires from breaking out, but if they do, we’ll put them out. When you hire us, you don’t get lawyers sitting behind desks – you get strategic partners who are extensions of your team.”
- Sarah Glover, Shareholder - Cybersecurity

"Responsiveness and thoughtfulness are critical components of our practice. Whether responding to a simple question, or leading the response to a potentially catastrophic incident, we are always available to provide answers and solutions carefully tailored to the client and situation at hand.”
- Adam Griffin, Shareholder - Cybersecurity

Our Services

Cybersecurity & Privacy Compliance

Regardless of industry or business model, every company should have measures in place to guide the protection and use of personal information in order to reduce risk and enhance marketability. Some of the projects we support include:

  • Corporate governance management and resource allocation
  • Data inventory and mapping
  • Privacy and security policies and procedures
  • Incident Response Plan development
  • Privacy by design product counsel
  • Vendor and other third-party risk management
  • Cross-border transfer arrangements
  • Privacy and cybersecurity training
  • Organizational security protocols
  • Tabletop exercises
  • DSAR response procedures
  • Marketing/digital advertising and data sale/purchase compliance

Breach Response

Maynard’s on-call breach response team has managed hundreds of incidents, spanning ransomware, BEC, fraudulent wire transfers, insider threats, and application vulnerabilities.

Businesses large and small face a patchwork of international, federal, and state laws and regulations, industry-specific guidelines, and common law theories of liability in the cybersecurity arena. Our breach response team counsels clients on the potential liabilities stemming from these sources and is prepared to navigate clients through incident response, internal investigations, regulatory inquiries, data breach notification laws, and civil litigation.

A timely, coordinated, and effective investigation is critical toward mitigating legal and financial exposure in the event of a data breach. Our team of experienced lawyers and technologists understand what must be done in the immediate aftermath of an incident to deliver an efficient response that complies with our clients’ regulatory landscape and in a manner that maximizes the protection of the attorney-client privilege over the investigation.

Maynard’s Cybersecurity & Privacy Practice serves as approved counsel for multiple global and national insurance carriers, including:

  • AIG
  • AXA XL
  • AXIS
  • Beazley (InfoSec and MediaTech policies)
  • Chubb
  • Coalition
  • Zurich

Privacy Litigation & Regulatory Investigations

Our team works tirelessly with clients to prepare them for regulatory inquiries and protect them from shortcomings in their cybersecurity and privacy programs. However, when investigations and litigation arise, Maynard has the expertise and depth to meet those needs.

Our multi-disciplinary, experienced class action and trial teams stand ready to handle data breach and privacy cases that may be filed following a compromise of personal information. Almost all of these cases are filed as class actions, and Maynard’s nationally-recognized Class Action Practice has a wealth of experience successfully defending clients in numerous federal and state courts across the country. In addition, our Cybersecurity & Privacy team has handled hundreds of matters before:

  • State attorneys general
  • FTC
  • OCR
  • International data protection authorities

Our team also defends causes of action arising from statutory violations of privacy and cybersecurity laws including:

  • BIPA
  • CCPA
  • GLBA
  • TCPA

Transaction & Risk Advisory Services

Maynard’s Cybersecurity & Privacy team supports clients through the intricate process of acquisitions and investments.

  • Partnering with M&A counsel and technical diligence teams to conduct privacy and security legal diligence
  • Developing comprehensive diligence memorandum with investment risk rating
  • Negotiating privacy and security terms of purchase agreement
  • Supporting R&W insurance diligence and underwriting

We help clients maximize the value of existing investments through Privileged Risk Assessments. Confidential and privileged risk assessment engagements include:

  • Assessment of operational, legal, and compliance risk factors
  • Benchmarking a company’s program against industry standards, regulatory requirements, and best practices
  • Offering observations on the company’s information security and privacy practices
  • Providing insight into legal, compliance, and operational risks
  • Providing guidance and recommendations to remediate any identified risks and mature the company’s information security and privacy compliance programs

Through a comprehensive risk assessment process, our team examines key privacy and security domains aligned with due diligence considerations. From corporate governance to cross-border data transfers to network security and more, our guidance and recommendations remediate identified risks and mature the company’s information security and privacy compliance programs.

“The privacy group at Maynard has helped us develop and mature a privacy program custom to our business through becoming intimately involved with the underlying aspects of our industry and specific business practices, all at a reasonable price. They have become a trusted and vital partner of both our privacy and cybersecurity departments due to their competent practical legal advice, hands-on approach and willingness to pick up the phone whenever called upon. I am hesitant to promote the practice for fear that the “secret” will get out as their firm seamlessly works with internal partners as if they are one of our own.”

-Blaine Doerrfeld, SVP, Senior Counsel, Athene

“Maynard’s expertise and command of the Cybersecurity and Privacy subject matter is unrivaled. They maintain an extensive network of industry professionals.”

-Darrell Jenkins, VP & CISO, Clayton Technology

Cybersecurity & Privacy News
Thursday, March 30, 2023

Iowa Passes Comprehensive Consumer Privacy Law

This week, Iowa joins the ranks of states who have enacted comprehensive privacy legislation in the absence of a federal privacy law. Iowa’s Senate File 262 will go into effect on January 1, 2025. What is Senate File 262? Senate File 262 is a cross-industry privacy law that provides “consumers,”...

Read More
Monday, October 31, 2022

Return of the Living Documents

Frank Johnson had been foreman at Uneeda Medical Supply Warehouse since the early 1980s. Uneeda’s president and CEO, Burt, had always trusted Frank with the big jobs such as keeping Uneeda’s sensitive records safe. Uneeda had a lot of sensitive records, including from its direct-to-patient business selling insulin pumps under...

Read More
Monday, October 24, 2022

Wire Transfer Hocus Pocus

Cordelia worked in the accounting department for The House of Screams. The House of Screams, a wildly popular haunted house experience famous for its frightful attractions, was preparing for its biggest night of the season, Halloween! This year’s Halloween night event was set to feature the Wicked Witches of Westchester...

Read More