Anyone reading this blog already knows that cybersecurity is a team sport. No longer does the IT security department bear sole responsibility for protecting a company’s data and systems. Today companies are setting up enterprise-wide councils to oversee cybersecurity that include lawyers, risk managers, technical professionals, and other leaders. And if a breach occurs, that team gets even more diverse adding for example highly-specialized forensics professionals and public relations specialists to help manage remediation, investigations, and potentially notification efforts.
That’s why we have formed Hogan Lovells Cyber Risk Services, a dedicated team of cyber technical and risk management professionals. Working side by side with our lawyers, our expanded team enables us to provide more of what our Cybersecurity Solutions practice is already known for: a unique blend of technical knowledge, operational experience, and of course legal and regulatory skills that can help clients manage the increasing variety of cybersecurity issues and situations with which they need help.
To help our clients navigate the complex and cross-disciplinary challenges of today’s cyber threat environment, Hogan Lovells announced on February 1 the formation of Cyber Risk Services, a dedicated unit of technical and risk professionals. An expansion of its market-leading Cybersecurity Solutions Group, Hogan Lovells Cyber Risk Services responds to increasing client demand for the comprehensive services already offered by the firm’s global team.
Working side-by-side, our expanded team of cybersecurity professionals and lawyers offers a wide range of services which are provided under attorney-client privilege as appropriate. We advise on:
Program assessment and development. Every organization can benefit from an objective assessment of its cyber governance and preparedness against relevant standards of due care, along with help to develop and refine policies and procedures for oversight and management of cyber risk. Our experience assessing cybersecurity programs across industry sectors enables us to provide deeply-informed and practical insights.
Incident and crisis response. How and when an organization responds to a cybersecurity incident is vitally important. We run tabletops and otherwise test response capabilities, develop plans and procedures for investigating and responding to cybersecurity incidents, and advise on and help oversee response and litigation defense efforts. Our track record of working collaboratively with in house legal, management and technical teams as well as outside forensics and specialized security technology vendors means we understand the “big picture” and how the best combination of resources can be brought to bear for the benefit of our clients.
Regulatory compliance (e.g. HIPAA, ITAR, NNPI). Our work here draws on our specialized regulatory lawyers and includes the development of governance programs, policies, procedures, and the identification of technical cybersecurity requirements needed to comply with regulatory demands. We review and help enhance existing policies, procedures, and capabilities, and we also advise on how to interact with and respond to regulators when faced with potential compliance issues.
Training and Awareness. We evaluate the cybersecurity risk associated with the potential actions of employees, contractors, vendors, and other third parties; analyze current internal awareness and culture; assess your organization’s ability to protect against inside and outside threats; and help you design and implement a comprehensive program tailored to your organization’s needs.
Newly appointed to co-lead the Cyber Risk Services team is Jeff Lolley, Managing Principal. Jeff has over two decades of cybersecurity experience serving the private sector (including as a chief information security officer for a Fortune 500 company) and the public sector (as a consultant to the U.S. government). Hogan Lovells partners Deen Kaplan and Harriet Pearson will round out the operational leadership team of the new unit.Hogan Lovells team of cybersecurity lawyers and professionals includes former senior government officials; individuals with high-level security clearances; specialized regulatory lawyers; seasoned investigative lawyers including former cybercrime prosecutors; and veteran litigators experienced in defending clients in cybersecurity-related matters. Our technical and management professionals have significant operational and leadership experience working inside some of the world’s largest and most sophisticated organizations.
Our team is ready to provide you end-to-end cybersecurity support across all sectors and at all levels of your organization – from the c-suite to the security operations center. Our experience proves it.