Perkins Coie lawyers routinely handle security incidents in the United States and around the world. With a team that includes former U.S. Department of Justice national security officials and cybercrime prosecutors, the practice has amassed a significant body of hands-on work in response to network intrusions.

While not every breach triggers notification requirements, every breach requires attention and an individualized response tailored to the facts and nature of the breach, and an evaluation of how processes can be improved to minimize the risk of future breaches. Features of our service include:

• An efficient approach that includes triaging the initial breach; minimizing legal risk; identifying notification and disclosure obligations; and providing notice to affected individuals, regulators, insurance carriers, and others where necessary.
• Deep understanding of legal requirements across state and federal law, plus expectations from regulators, stakeholders, and the public.
• Experience working with numerous forensics firms, breach notification providers, and law enforcement and infrastructure assurance officials, as warranted by the size or nature of the breach.

Our lawyers maintain a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and aims to clarify state-specific security breach notification requirements.

The quantity and sophistication of cyberattacks have grown, and more attempted and completed attacks have caused real-world impacts. To meet this threat, federal agencies and jurisdictions across the country have imposed cybersecurity requirements on companies across industries, from critical infrastructure enterprises to innovative medical and financial startups. Our lawyers integrate these emerging requirements into comprehensive security programs and policies tailored to your organization.

Regular review and practice are key. We highlight emerging trends and legal changes for clients, and design and advise on the regular training and tabletop exercises required to meet evolving regulations.

Our cyber enforcement lawyers work with clients to protect their websites, internet, and mobile services, and keep their users safe from abuse. We advise clients on enforcement strategies that may include referrals to regulatory agencies or law enforcement, as well as filing civil lawsuits against the wrongdoers. We adapt our services to meet client needs. Enforcement actions can range from sending a single cease-and-desist letter and following up to managing complex, multiyear programs where a company outsources its enforcement work to our dedicated team of internet enforcement lawyers.