Cybersecurity & Privacy Law

Helping our clients secure their data, their systems, and their future

Cybersecurity and privacy law are largely undefined, constantly changing, and very dangerous.  Criminals seek easy targets and valuable data.  Businesses must be prepared to face these challenges. 

Effective cybersecurity and privacy are part of every business decision, whether your team realizes it or not. And even the most sophisticated organizations need expert help to navigate the constantly changing challenges, both legal and practical.

What We Do

Integrate cybersecurity and privacy solutions across organizations

Centre’s cybersecurity and privacy practice provides practical solutions to complicated legal and technical problems. We work in close partnership with our clients to design solutions that seamlessly integrate cybersecurity into corporate governance, ensure privacy considerations when working with the public, mitigate risks in transactions, and leverage existing programs. This comprehensive approach helps ensure that our clients can stay compliant and focused on growing their business.

We are here when emergencies happen. Whether it is responding to a data security incident, recovering from a natural disaster, responding to a regulator, or answering a lawsuit, we help our clients respond, recover, and move forward quickly saving them time, money, and possibly their reputation.

Some examples of how we help

  • Assist in rapidly developing information security program components necessary for bids and grants, including incident response plans, secure development methodologies, information security programs, risk assessments, and vendor relationships.
  • Provide support to or lead incident response with an approach that focuses on getting clients back to work as smoothly as possible while addressing risks in a systematic and thoughtful manner.
  • Develop or mature a practical and comprehensive information security program.
  • Respond to audits and investigations, from both regulators and business partners.
  • Develop a supply chain management program that mitigates supplier cybersecurity risk and codifies a defensible position in the case of a subcontractor data security incident.
  • Conduct training at the employee, IRT, executive, and board levels that is customized to address their unique risks, responsibilities, and requirements.

Flat Fee Services

Centre’s Cybersecurity team offers industry leading expertise with an innovative approach that helps our clients solve complex challenges. Schedule a consultation to get started today.

Incident Response Plan: Centre works with your team to create a comprehensive incident response plan tailored to your organization’s needs. This includes an initial meeting, action plan, and a guided review and revision process.

Tabletop Exercise: Centre conducts a one hour table top exercise and provides an AAR memo. This includes an initial meeting, scenario development, tabletop exercise, and AAR memo.

Risk Assessment: Centre will help safeguard your organization by performing an asset inventory, which is the first step for any organization in starting to manage their cyber and privacy risks. This includes a kick off meeting that provides an overview of services, asset inventory, threat identification and rating, vulnerability identification and rating, risk calculation, risk assessment report, and mitigation recommendations. 

Featured Team

Edward Bailey

Associate Attorney

Download the Guide

Designing a Defensible Security Program

Most regulations require a reasonable security program but few regulations define what is reasonable. What worse is that some regulators only evaluate a security program after it fails. This guide will cover all these topics and more to help you avoid cybersecurity failures.

Related Insights

Executive Order

Biden’s Cybersecurity Order and You

On May 12, 2021, President Biden signed the Executive Order on Improving the Nation’s Cybersecurity (EO). Driven in part by recent cyberattacks on network tools, enterprise software, and critical infrastructure, the EO implements (or attempts to implement; more on that later) a veritable wish-list of cybersecurity provisions.

Read More »