Cybersecurity and Data Privacy

Cybersecurity and data privacy issues are constantly evolving and becoming more pronounced in today's business and market climate. Information governance - now more than ever - can address these issues and play a vital role in the routine operations of businesses of all sizes, from family-owned to Fortune 500 corporations. WSHB recognizes that information governance is one of the central foundations necessary for running and managing a successful business. However, this success comes with new risks that must be carefully managed.

WSHB has a team of skilled attorneys that resolve and respond to our clients’ cybersecurity and data privacy needs. We offer assistance in all matters concerning cyber risk management, data breaches, cyber insurance coverage, and tactful defense and litigation strategy. We monitor recent cyber trends and implement proven and cost effective solutions for our clients’ needs.

Defense and Litigation

WSHB's cyber team is always prepared and ready to counsel clients through the most complex data risk and security breach matters. We are particularly adept in handling insurance-related matters concerning first-party coverage and claims involving cyber liability. We offer clients a level of advocacy experience commensurate with a seasoned litigation group. Our trial attorneys are sought out for their experience and ability to manage complex matters at the eleventh hour, and we are routinely substituted in as trial counsel on the eve of trial. For this, we are well-positioned and readily available to take on the most pressing and difficult cyber litigation matters.

Risk Management

Our approach to managing clients’ needs is both all-inclusive and proactive. We provide risk assessments that help our clients guard against data breach occurrences, and propose sound and thoughtful data management policies as a first line of defense. Our team is ready to service clients in all business sectors. Through compliance-based cyber management programs, WSHB keeps our clients’ businesses moving forward while guiding them through regulatory obligations. Spotting emerging risks and trends in the cyber climate requires an understanding of our clients’ business models. WSHB has an extensive network of relationships that provide the complete package of risk management services and tools necessary to meet the needs of today's fast paced market.

Data Breach Response

Should a data breach occur, responding to the incident in a timely and appropriate manner is the first critical step in managing the myriad of potential outcomes that can result. WSHB's breach coaches are well-trained in overseeing the initial breach response by providing necessary and immediate support to our clients. These services range from notifying regulatory and law enforcement authorities, to coordinating notification of third parties impacted by the data breach, and working with publicists to mitigate reputational harm. Throughout, the main goal of our emergency response cyber breach team is the reduction of our client's exposure.

Coverage Counsel

WSHB’s expertise in the insurance market is vast. Our attorneys routinely work with carriers on the full spectrum of complex coverage matters. This in turn places us in a strategic position to act as coverage counsel on cyber-related claims. Our team navigates the complexities inherent with coverage analysis, by recommending policy language, analyzing coverage questions, preparing coverage opinion letters, and finally, if need be, litigating claims related to cyber coverage.


Representative Matters

  • Obtained the dismissal of a Class Action Complaint alleging violations of Illinois’ Biometric Information Privacy Act (BIPA). The plaintiff sought multi-million-dollar damages, but our Cyber Team successfully defended the position that our client never captured or disclosed any biometric information or identifiers and that BIPA was never violated. The victory was made possible through extensive research, discovery, and the acquisition of a crucial third-party affidavit.
  • Dismissal of data breach class actions on behalf of one of Florida’s largest healthcare providers.
  • Represent healthcare providers in California data breach class actions related to ransomware attack on national IT company.
  • Breach coach for municipalities in response to data breach of global software company effecting over 1.6 million individuals.
  • Coordinate responses to ransomware attacks on behalf of manufacturers, construction companies and professional services firms, including negotiation of ransom, consultation with law enforcement, and remediation of affected systems.
  • Defense of healthcare providers in data breach investigations by state attorney general offices.
  • Coordinate responses to U.S. Department of Health and Human Services Office of Civil Rights investigations into HIPAA violations on behalf of medical professionals and healthcare facilities.
  • Defense of IT providers in tech E&O litigation related to ransomware attacks and compromised computer systems.
  • Breach coach for financial advisors involving compromised email accounts and defense of investigations involving state insurance regulators.
  • Provide insurance coverage opinions to cyber carriers regarding interpretation and application of cyber insurance policies to various cyber incidents.
  • Breach coach for accounting firms compromised with malware, coordinating forensic investigation and notification of affected individuals.
  • Perform risk assessments for retailers, online merchants, and international organizations for compliance with the CCPA, CPRA, and other data privacy statutes.
  • Breach coach for large medical laboratory compromised by employee W-2 tax fraud.
  • Facilitate international transfers of data for insurance companies involved in litigation pursuant to international data privacy regulations.
  • Breach coach for medical office loss of patient data and coordination of response to affected individuals.

News & Resources


  • Panelist: “Alternate Realities of the 2023 Cyber Marketplace,” USI Insurance Services Webinar, August 2, 2023

  • Podcast Guest: “Beyond the Hacks: Unveiling the Strategies and Technologies Shaping Cybersecurity,” Experian + Wood Smith Henning & Berman LLP Podcast, July 19, 2023

  • Moderator: “Courtroom Code: Navigating the Litigation Risks of AI and the Metaverse,” International Association of Defense Counsel Annual Conference, July 11, 2023

  • Guest Lecturer: “Cybersecurity/Privacy Pre-Breach Expert Panel,” Baylor Law School, June 5, 2023

  • Panelist: “Take a Walk on the Wild Side: Cyber Liability Claims Trends,” RSA Conference, San Francisco, April 25, 2023
  • Interview: Information Security Media Group, RSA Conference, San Francisco, April 25, 2023
  • Panelist: “We’ve Been Attacked! A Cyber Incident Response Team Tackles Tough Questions,” Southeast Region Insurance Guaranty Associations Conference, Philadelphia, March 30, 2023
  • Panelist: “Cyber Liability Claims Trends,” PLUS Cyber Symposium, New York City, February 14, 2023
  • Podcast Guest: “2023, A Cyber Threat Odyssey,” Experian + Wood Smith Henning & Berman, LLP Podcast, January 10, 2023
  • Panelist: “Best Practices for Managing Breach Reporting Deadlines,” CLM Cyber Conference, Washington, D.C., November 3, 2022
  • Panelist: “The Threat is Real: Managing Cyber Risks of Third-Party Vendors,” CLM Cyber Conference, Washington, D.C., November 2, 2022
  • Panelist: “Evolving Cybersecurity Threats to the Construction Industry,” CLM Construction Conference, San Diego, CA, September 22, 2022
  • Panelist: “Cyber Insurance Market Trends and Risk Challenges,” CLM Cyber Conference, New York City, December 2, 2022
  • Panelist: “Cyber Insurance 101: Insured or Not Insured? That is the Question,” New Jersey Cyber Fireside, September 8, 2022
  • Panelist: “The Latest Trends in D&O Litigation in the Life Sciences Industry,” USI Insurance Services Webinar, June 29, 2022 
  • Moderator: “Cyber Liability Claims Trends,” 10th Annual Cyber Liability Insurance ExecuSummit, March 22, 2022
  • Panelist for Premier Session 2: "Ransomware and Digital Extortion: The New Normal," CLM Construction Conference, September 23, 2021
  • Moderator: “Cyber Liability Claims Trends,” 9th Annual Cyber Liability Insurance ExecuSummit, May 11, 2021
  • Panelist: “Cybersecurity & Privacy in the New Normal: Post-2020 Election, Covid-19, & Beyond,” PwC webinar, November 19, 2020
  • Panelist: “Employee Privacy Developments: 2020,” Allied World Insurance Company, November 12, 2020
  • Panelist: “Cyber Liability Review,” EPIC Insurance Brokers & Consultants’ Best Practices Forum, Chicago, IL, September 4, 2019
  • Panelist: Cyber Issues, “The Internet of Things Symposium” at Suffolk Law School, Boston, MA, October 4, 2018
  • Navigating New Data Security Regulations,” USI webinar, May 1, 2018
  • Guest Lecturer: “e-Discovery and Cyber Issues in Litigation,” Suffolk University Law School, Boston, MA, March 2018
  • Guest Lecturer: e-Discovery Course, Pace University Law School, White Plains, New York (November 2017 and November 2016)
  • “Cyber Security Risks: Aftermath of the Equifax Breach and Why Cybersecurity is Important,” Association of Certified e-Discovery Specialists (ACEDS), Boston, MA, October 4, 2017
  • Panelist: “Demystifying Technology-Assisted Review” (Allied World Insurance Panel Counsel Summit, Hartford, CT, May 2017)
  • “Cyber Risks & Human Factors – Effective & Defensible Processes,” Westchester/Southern Connecticut Chapter of the Association of Corporate Counsel, White Plains, NY, April 20, 2017
  • Panelist: “Corporate e-Discovery in the Modern Era” (Association of Certified E-Discovery Specialists, New England Chapter, Boston, MA, May 2015)
  • Presenter: “Event Data from Automobile Electronic Control Modules” (CLM Transportation Conference, Cleveland, OH, June 2013)


By using this site, you agree to our updated Privacy Policy.