Comprehensive Incident Response Services
Data breaches and other cybersecurity incidents require the immediate and comprehensive assistance of experienced legal counsel. Our national team thoroughly understands the unique legal and technological nuances in this ever-evolving area, and has decades of experience guiding clients across all aspects of data privacy and security, including:
We regularly work with clients in variety of industries, such as financial services, professional services, law enforcement, life sciences and health care, energy, telecom, and insurance. Our team guides clients through every step of the incident response process, including engaging vendors to conduct a forensic investigation, coordinating initial crisis management communications, interfacing with law enforcement, advising on regulatory compliance issues, and assessing and complying with state and federal notification requirements and data governance standards.
Thorough preparation is the best defense to a cyberattack or other data security incident.
An incident response plan is a critical component of an effective information security program. Taking into consideration each organization's unique mission, size, structure, and functions, we help clients to develop a formal, focused, and coordinated approach to responding to an incident. Our response plans provide a roadmap for responding to security incidents in a timely and effective manner, while also protecting customers, clients, and the brand.
Companies must periodically test their incident response plans and critical staff through a functional simulated exercise known as a tabletop exercise. Our tabletop exercise workshop identifies and addresses any deficiencies in a company's response capabilities. We offer practical, client-specific advice and skilled counsel to help companies anticipate and prepare for potential issues. Our team walks clients through simulated scenarios that challenge incident response capabilities in a variety of expected and unexpected ways. The workshop also enables our clients to:
In the event of a suspected security incident, our response team can be reached at incident.response@troutman.com.
Businesses must immediately address an actual or suspected incident involving unauthorized access to confidential information in order to comply with applicable laws and regulations, and engaging experienced counsel at the onset is essential in order to maintain the attorney-client privilege.
Since 2005, hundreds of companies have chosen our team to guide them through incidents of unauthorized access to data and digital assets, phishing attacks, and ransomware. Our national breach response team provides comprehensive advice 24/7/365 in areas such as internal investigations, root-cause analyses, breach identification and response, individual and regulatory notice, regulatory investigations, and litigation.
Incidents are typically followed by regulatory inquiry or litigation. Our national team offers a unique combination of subject matter depth, first-chair litigation experience, and decades of work handling bet-the-company government investigations, enforcement actions, and regulatory inquiries in every state. We have defended clients in hundreds of claims, including in MDLs, in courts throughout the U.S. involving federal and state privacy laws that address the collection, security, use, and dissemination of consumer data. Drawing from experience as former regulators in attorneys general offices, we also regularly handle state attorney general investigations and matters before state administrative bodies and federal agencies. Our work before the Federal Trade Commission, the Consumer Financial Protection Bureau, the U.S. Department of Health and Human Services Office for Civil Rights, insurance commissioners, and state attorneys general spans several decades.
Companies dealing with a data incident confront an uneven landscape and requirements that can differ from state to state. It is easy to feel lost. Find your way with Troutman Pepper's Incident Response Interactive Map.
With a simple and intuitive user experience, our U.S. map provides state-by-state definitions, notification requirements, deadlines, and statutory references. This all-in-one resource will provide you with helpful information at your fingertips — whenever you need it.
'Dear Mary,' is Troutman Pepper's Incidents + Investigations team's advice column. You will find Mary's answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to respond to regulators, and much more. 'Dear Mary' goes beyond our articles, podcasts, webinars, and other content we produce because here, we respond directly to your questions with concise, practical answers. We promise they will be interesting, informative, and hopefully a little fun.
Read "Dear Mary – Incidents + Investigations Cybersecurity Advice Column."
Articles + Publications
06.27.24
Troutman Pepper State Attorneys General Monitor — June 27, 2024
Articles + Publications
2024
Dear Mary – Incidents + Investigations Cybersecurity Advice Column
Podcasts
06.26.24
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens
Articles + Publications
June 2024
Regulatory Oversight Newsletter — June 2024
Speaking Engagements
05.21.24
NetDiligence Cyber Risk Summit San Diego 2024
Articles + Publications
May 2024
Regulatory Oversight Newsletter — May 2024