Cybersecurity and Data Privacy

Businesses today face constant, and constantly evolving, cybersecurity risk.  Cyberattacks can cost victim businesses millions of dollars and create a host of complex problems, including the theft of valuable business information, regulatory investigations and penalties, civil lawsuits by shareholders and customers, demands for cooperation from law enforcement agencies, adverse media attention, and loss of customer trust and loyalty.  Regulators, recognizing the threat posed by computer hackers to businesses and critical infrastructure, are constantly proposing and implementing new rules that require businesses to adopt comprehensive cybersecurity and data protection programs.

Cadwalader’s Global Litigation Group, which includes former federal prosecutors, a former Department of Defense analyst, and two Certified Information Privacy Professionals, has the experience and background to provide legal advice to clients in all aspects of cybersecurity, data protection, and incident response.  This includes:

  • Cybersecurity Programs and Compliance: Identifying and assessing clients’ cybersecurity risks – including the risks posed by their third party service providers – to develop and implement the policies and procedures necessary to comply with regulations and reduce the risk of harmful cyberattacks. 
  • Incident Response and Investigations: Quickly identifying and retaining appropriate computer forensic consultants, directing internal investigations into potential incidents, managing law enforcement and regulatory interactions, overseeing breach notifications and public disclosures, and preparing for potential regulatory action or civil litigation.
  • Regulatory Defense and Litigation: Defending corporate victims of cyberattacks in regulatory enforcement proceedings and lawsuits from shareholders, customers, and other businesses.
  • Advising and strategizing on CFIUS reviews, preparing and defending CFIUS filings, appearing before CFIUS, negotiating and defending associated mitigation agreements and related reports and audits
  • Advising on and implementing NISPOM foreign ownership mitigation requirements, including security control agreements, special security agreements, proxy and voting trust agreements and all aspects of NISPOM compliance, including devising, testing and training on NISPOM policies and compliance programs, operating procedures, visitation control plans, technology control plans, electronic communications plans, visitation control plans and shared services agreements, drafting voluntary disclosures and participating in DoD audits
  • Advising on cyber security issues and initiatives
  • Advising on compliance with U.S. export controls and assisting in ITAR registrations
  • Designing, testing and training on global export control policies and compliance programs
  • Drafting and securing export licenses and commodity jurisdiction requests and advising on compliance therewith, including license reporting requirements
  • Preparing and defending voluntary disclosures relating to export violations
  • Responding to, defending and settling export enforcement actions with the U.S. Departments of State and Commerce
  • Acting as monitor in export enforcement actions
  • Monitoring and analyzing proposed legislation, including providing analysis and drafting comments for legislative consideration

8 Attorneys

Avergun, Jodi L. Partner Washington
T. +1 202 862 2456
Chorazak, Mark Partner New York
T. +1 212 504 6565
Gerver, Keith M. Associate Washington
T. +1 202 862 2381
Halper, Jason M. Partner New York
T. +1 212 504 6300
Moreno, Joseph V. Partner Washington
T. +1 202 862 2262
New York
T. +1 212 504 6262
Tompkins, Anne M. Partner Charlotte
T. +1 704 348 5222
T. +1 202 862 2496
Treanor, James A. Associate Washington
T. +1 202 862 2330
Urban, Lex Special Counsel Washington
T. +1 202 862 2320



Cadwalader's research and intelligence platform provides analysis on changes in U.S. financial regulation. Subscribers receive a daily newsletter interpreting new laws, rules and enforcement actions that impact financial institutions.