Cybersecurity & Privacy Law

Helping our clients secure their data, their systems, and their future

Cybersecurity and privacy law are largely undefined, constantly changing, and very dangerous.  Criminals seek easy targets and valuable data.  Businesses must be prepared to face these challenges. 

Effective cybersecurity and privacy are part of every business decision, whether your team realizes it or not. And even the most sophisticated organizations need expert help to navigate the constantly changing challenges, both legal and practical.

What We Do

Integrate cybersecurity and privacy solutions across organizations

Centre’s cybersecurity and privacy practice provides practical solutions to complicated legal and technical problems. We work in close partnership with our clients to design solutions that seamlessly integrate cybersecurity into corporate governance, ensure privacy considerations when working with the public, mitigate risks in transactions, and leverage existing programs. This comprehensive approach helps ensure that our clients can stay compliant and focused on growing their business.

We are here when emergencies happen. Whether it is responding to a data security incident, recovering from a natural disaster, responding to a regulator, or answering a lawsuit, we help our clients respond, recover, and move forward quickly saving them time, money, and possibly their reputation.

Some examples of how we help

  • Assist in rapidly developing information security program components necessary for bids and grants, including incident response plans, secure development methodologies, information security programs, risk assessments, and vendor relationships.
  • Provide support to or lead incident response with an approach that focuses on getting clients back to work as smoothly as possible while addressing risks in a systematic and thoughtful manner.
  • Develop or mature a practical and comprehensive information security program.
  • Respond to audits and investigations, from both regulators and business partners.
  • Develop a supply chain management program that mitigates supplier cybersecurity risk and codifies a defensible position in the case of a subcontractor data security incident.
  • Conduct training at the employee, IRT, executive, and board levels that is customized to address their unique risks, responsibilities, and requirements.

Featured Team

Edward Bailey

Associate Attorney

Download the Guide

Designing a Defensible Security Program

Most regulations require a reasonable security program but few regulations define what is reasonable. What worse is that some regulators only evaluate a security program after it fails. This guide will cover all these topics and more to help you avoid cybersecurity failures.

Related Insights

Virginia's New Data Privacy law

Virginia’s New Data Privacy Law

On March 2, 2020, Virginia’s governor signed into law the Consumer Data Protection Act. Who does this law apply to and what does it mean for consumers? Understand what else must controllers do and what is the path forward.

Read More »