Awards & Rankings 04.12.24
Service
For companies today, there’s no such thing as “safe.” Terrorism, political instability, data theft and advanced malware are just a few of the events that can have disastrous consequences for your company, even when they occur halfway around the world. And these days, any company that uses information technology is a potential victim, as even a small, local business can find itself made a proxy by individuals a continent away in efforts to attack a “higher value” target.
Companies cannot and should not be expected to defeat every attack before it crosses into their space (cyber or physical), but they should examine the risks (threat plus vulnerability plus consequence) and determine what they can realistically defend against without causing financial ruin.
At Pillsbury, our team will be with you every step of the way so that, should misfortune strike, your company will be able to say, “We were as ready as anyone could be.”
Comprehensive Prevention, Mitigation, Defense and Recovery
To help our clients with their global security strategy and compliance needs, Pillsbury has assembled a team of top practitioners in privacy and data protection, public policy, liability mitigation, risk transfer and insurance coverage and recovery, corporate governance, global sourcing, regulatory counseling, and government affairs. Our Global Security team is uniquely positioned to help your company anticipate, weather and recover from even the largest calamity.
The following are Global Security-related areas in which Pillsbury’s lawyers have protected our clients’ interests.
Legislative
Our global security efforts are co-led by one of the leading government affairs professionals in the fields of anti-terrorism and cybersecurity. Pillsbury’s Global Security team is well versed in security legislation and administrative policies, as well as interfacing with key agencies at the federal, state and local areas. Our lawyers have worked extensively on matters such as the creation and implementation of “safe harbor” programs for companies that invest in security products and services, key administrative and legislative priorities related to cybersecurity and national defense policy, and securing funding for a variety of projects through the Congressional appropriations process. With experience and access to U.S. lawmakers, Pillsbury’s Government Law & Strategies lawyers can help clients shape responses to key legislative proposals. This includes outreach to various governmental bodies on the development and implementation of the Cybersecurity Framework called for in President Obama’s Executive Order, as well as advocacy and lobbying on any cybersecurity-related legislation, procurement policies and regulatory measures.
Regulatory Compliance Assessment, Counseling and Training
Clients rely on us to develop and update data protection and security plans to comply with the ever-changing laws, regulations and industry standards—all while maintaining lawyer-client privilege. This includes working with industry rulemakers, as well as federal and state agencies such as the FCC, FERC (including NERC), NRC, FTC, SEC, DHS, DDTC and BIS and many others. We also have experience with the unique regulatory, compliance and disclosure obligations imposed on particular sectors, including government and defense contractors (who may have export controlled or classified data) financial services, energy, transportation, health care, and communications. For clients in every sector, our lawyers can coordinate with technical experts to provide a comprehensive solution.
Risk Management and Transfer
Members of the Global Security team are extremely well versed in the Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act, having prepared well over 150 applications for a wide variety of services and products. The SAFETY Act provides companies with a unique way to limit or eliminate liability in the event of an “act of terrorism,” and is a valuable tool every company should consider using. In addition, the Global Security team is prepared to counsel companies on contractual language, insurance programs, and the proactive development of policies and procedures that can transfer risk away from the client, as well as establish a record demonstrating the use of “reasonable” behavior or the exercise of “due care.”
Insurance Recovery
With an up-to-date understanding of evolving insurance case law and the insurance marketplace, Pillsbury can provide critical assistance in obtaining “state-of-the-art” cyber insurance. Our top-ranked Insurance Recovery practice has recovered more than 10 billion dollars of insurance policy proceeds—more than one billion dollars in 2013 alone—for our policyholder clients, and regularly protects those clients by helping them obtain broad and appropriate insurance coverage to address the risks inherent in business today. When a loss or potential loss occurs, our team is available to advise, and, if necessary, litigate to enforce clients’ coverage rights. We have represented health care entities, financial services companies, retailers and others in structuring and negotiating their cyber insurance coverage, as well as prosecuting insurance claims arising from cyberattacks and data breaches. Pillsbury is engaged on numerous significant coverage disputes for our clients.
Crisis Management
Pillsbury was one of the first law firms to develop a formal Crisis Management Team. Our lawyers have seen recognizable patterns emerge after shepherding hundreds of clients through crises and, as a result, we have developed battle-tested strategies and tactics for Emergency Response and Loss Management. The key to successful crisis management is skilled execution of complimentary strategies for both of these components. In addition to security-related incidents, our team has guided clients through such notable crises as the Deepwater Horizon and Exxon-Valdez spills, and numerous aviation accidents around the world.
Protecting Intellectual Property Rights
In addition to sensitive data, many companies have intellectual property (IP) assets that are digitally maintained. These are particularly important in significant M&A transactions, as IP assets can be value drivers. With corporate espionage and advanced persistent threats on the rise—potentially jeopardizing the IP assets of companies across industries—Pillsbury can advise on IP protection and enforcement.
Cybersecurity Disclosures and SEC Investigations
As cybersecurity breaches become more widespread and damaging, it is likely that the SEC will increase pressure on companies to disclose the risk of a cyber-incident and to disclose all material breaches. The failure to promptly disclose a cyber-breach may lead to a formal SEC investigation, shareholder class actions or derivative lawsuits. Our Securities Litigation lawyers have extensive experience guiding clients with respect to disclosure issues. Just as important, we have extensive experience assisting clients in responding to formal and informal inquiries and proceedings brought by the Commission’s Division of Enforcement. Pillsbury has a strong record of convincing the SEC’s staff to conclude investigations without enforcement action.
Outsourcing IT Security
It is likely that most large organizations will outsource their IT Security to a service provider (known as a Managed Security Service). Among the most experienced advisory firms in the world, Pillsbury Global Sourcing has architected more than 1,000 strategic outsourcing and technology transactions. Our lawyers and sourcing advisors have unusual insight into IT infrastructure operations and organizations developed over the last 25 years. Pillsbury is uniquely qualified to help our clients with all aspects of outsourcing IT Security.