As reported last week, a state-sponsored hacker may have breached multiple U.S. government networks through a widely-used software product offered by SolarWinds. The compromised product helps organizations manage their networks, servers and networked devices. The product is not only used by government agencies, but is widely used in both the public and private sectors. Whether or not you are one of the impacted customers, the SolarWinds attack is a reminder of the importance of conducting incident response and risk assessments under privilege whenever possible, performing due diligence before engaging vendors, and implementing procedures to minimize information disclosed to or accessed by vendors.

Read the full post on Proskauer’s Privacy Law blog.

Posted in Media and Technology, Privacy, Privacy & Data Security
Tags: computer hacking, cyber-attacks, cybersecurity, data breach, Dual-Purpose Risk Assessments, FRCP 26(b)(4)(D), incident response, malware, NSA’s Cybersecurity Advisories & Technical Guidance, Orion, Risk Assessment, SolarWinds, Vendor Supply Chain Attack
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jeffrey Neuburger Jeffrey Neuburger

Jeffrey Neuburger is a partner, co-head of the Technology, Media & Telecommunications Group, a member of the Privacy & Cybersecurity Group and editor of the firm’s New Media and Technology Law blog.

Jeff’s practice focuses on technology, media and advertising-related business transactions…

Jeffrey Neuburger is a partner, co-head of the Technology, Media & Telecommunications Group, a member of the Privacy & Cybersecurity Group and editor of the firm’s New Media and Technology Law blog.

Jeff’s practice focuses on technology, media and advertising-related business transactions and counseling, including the utilization of emerging technology and distribution methods in business. For example, Jeff represents clients in online strategies associated with advertising, products, services and content commercialized on the Internet through broadband channels, mobile platforms, broadcast and cable television distribution and print publishing. He also represents many organizations in large infrastructure-related projects, such as outsourcing, technology acquisitions, cloud computing initiatives and related services agreements.

Serving as a collaborative business partner through our clients’ biggest challenges, Jeff is part of the Firm’s cross-disciplinary, cross-jurisdictional Coronavirus Response Team helping to shape the guidance and next steps for clients impacted by the pandemic.

Read more about Jeffrey Neuburger
Show more Show less
Photo of Ryan P. Blaney Ryan P. Blaney

Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a…

Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a range of matters, including health care fraud and abuse, third party reimbursement, data breach issues, data privacy and security, and FDA regulatory matters. He has substantial experience in pharmaceutical lifecycle management and competition issues, including the Hatch- Waxman Act and Biosimilars Price Competition and Innovations Act.

Ryan serves information technology companies, public and private health care companies, hospitals and physician organizations, manufacturers, medical device companies, and health plans. He guides venture capital groups, private equity funds, investment banks, and other investors on health care regulatory issues in connection with financing, mergers and acquisitions, and restructuring.

Ryan’s work is greatly informed by his experience as a teacher. Prior to attending law school, Ryan earned a master’s degree in education and taught at an under-resourced Catholic middle school. He is known for his ability to communicate clearly and to coordinate large teams working on complex matters. Outside of his health law practice, Ryan has been repeatedly recognized for his public service and pro bono work. He has successfully handled numerous education-related cases, helped establish three nonprofit organizations and defended qualified recipients of disability benefits.

Read more about Ryan P. Blaney
Show more Show less
Photo of Nolan Goldberg Nolan Goldberg

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range…

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range of types of disputes, including cybersecurity, intellectual property, and commercial.  Nolan’s understanding of technology allows him to develop defenses and strategies that might otherwise be overlooked or less effective and enhances the “story telling” that is critical to bringing a dispute to a successful conclusion.

Nolan is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP) and Certified Information Privacy Technologist (US CIPT).

Cybersecurity

Nolan’s electrical engineering background, coupled with a litigation and risk management-centric focus, allows him to assist companies in all phases of incident response. Nolan often acts as a bridge between the technical and legal response teams (both inside and outside forensic consultants). Nolan uses this deep familiarity with the company and its systems to defend the company in litigations, arbitrations and regulatory investigations, including before the Federal Communications Commission (FCC); Federal Trade Commission (FTC) and before various State’s Attorneys General, including Multi-State investigations.

Nolan has worked on incidents that range from simple phishing attacks on e-mail accounts by cyber-criminals to intrusions by (formerly) trusted inside employees to complex technical breaches of hosted systems by state-sponsored advanced persistent threats (APTs). These incidents have involved both client systems, and systems of a vendor of a client that hosted its data.

It is often the case (both in response to an incident and for other reasons) that a company will want to undertake an assessment of its security posture, but has concerns about the discoverability of any such analysis.  Accordingly, Nolan also frequently assists companies’ scope and conduct privileged security assessments, including “dual purpose” assessments where privileged analysis are also used for ordinary-course purposes.

Commercial Disputes

Nolan also assists companies with commercial disputes, particularly in cases where there is a technology component, including disputes arising from hosted software agreements; outsourcing and managed services agreements; software and technology development agreements and the dissolution of joint ventures.  When these disputes cannot be amicably resolved, Nolan has litigated them in State and Federal Court and in arbitrations, including international arbitrations.

Intellectual Property

Nolan’s work has included numerous patent and trade secret litigations and negotiations, primarily in cases involving computer and network-related technologies. In particular, the litigations have involved at least the following technologies: hosted software; telecommunications, computer networking; network and computer-related security hardware and software; microprocessors, voice-over Internet protocol (“VoIP”); bar code scanners  financial business methods and software, including securities settlement, fail management and trade execution and reporting software; data compression; handheld computers; pharmaceuticals; cardiac electro-stimulatory devices and prosthetics.

Nolan also has experience prosecuting patent applications before the U.S. Patent and Trademark Office in encryption, CMOS, HDTV, virtual private networks (“VPN”), e-commerce, XML/XSL, financial instruments, semiconductor electronics, medical device technology, inventory control and analysis, cellular communications, Check 21 and business methods. Nolan also has conducted numerous freedom-to-operate searches, written opinions, and counseled clients in the areas of bar code scanners, imaging, book publishing, computer networking, business methods, Power Over Ethernet (“PoE”), and digital content distribution.

He has assisted in evaluating patents for inclusion in patent pools involving large consumer electronics and entertainment companies concerning CD and DVD technology.

Computer Forensics and Electronic Discovery

Nolan is often called upon to develop e-discovery strategies to be used in all types of litigations, with a particular focus on selecting appropriate tools, developing proportionate discovery plans, cross border electronic discovery, managing the overall burden and cost of the electronic discovery process, and obtaining often overlooked electronic evidence, including computer forensics. He also assists clients to develop and implement information management programs to reduce expense and risk, meet compliance obligations, and tame e-discovery burdens.

Thought Leadership

Nolan has authored numerous articles and given numerous presentations on emerging issues and trends in both technology and law, and has often been called upon to comment on various media outlets including Business Week, IPlaw360, IT Business Edge, CIO.com, Forbes, and The National Law Journal.

Prior to practicing law, Nolan was a computer specialist at Underwriters Laboratories (UL).

Read more about Nolan Goldberg
Show more Show less
Photo of Margaret A. Dale Margaret A. Dale

Margaret Dale is a trial lawyer and first-chair litigator handling complex business disputes across a wide variety of industries, including: consumer products, media and entertainment, financial services, telecommunications and technology, and higher education. She is a former vice-chair of the Litigation Department, and…

Margaret Dale is a trial lawyer and first-chair litigator handling complex business disputes across a wide variety of industries, including: consumer products, media and entertainment, financial services, telecommunications and technology, and higher education. She is a former vice-chair of the Litigation Department, and heads the Department’s Data Privacy and Cybersecurity Practice Group. Margaret has been recognized since 2017 in Benchmark Litigation’s Top 250 Women in Litigation.

Margaret’s practice covers the spectrum of complex commercial disputes, including privacy and data security matters, as well as disputes involving M&A, intellectual property, bankruptcy and insolvency, securities, corporate governance, and asset management.

Margaret regularly counsels clients before litigation commences to assess risk, adopt strategies to minimize or deflect disputes, and resolve matters without going to court.

Margaret is a frequent writer, including authoring a regular column on corporate and securities law in the New York Law Journal. She also serves as the lead editor of Proskauer’s blog on commercial litigation, Minding Your BusinessShe also authored the chapter titled “Privileges” in the treatise Commercial Litigation in New York State Courts (Haig, 5th ed.), as well as the chapter titled “Data Breach Litigation” in PLI’s Proskauer on Privacy.

Margaret maintains an active pro bono practice advocating on issues relating to women, children and veterans. She serves on the Board of Directors of CFR (Center for Family Representation), VLA (Volunteer Lawyers for the Arts), JALBC (Judges and Lawyers Breast Cancer Alert), and the City Bar Fund.

Read more about Margaret A. Dale
Show more Show less
Related Posts
The Return of the Video Privacy Protection Act (VPPA)
October 2, 2023
FTC Continues to Stake Out Role as Key AI Regulator
September 26, 2023
Big Tech, Biometrics and BIPA: Meta’s Recent $68.5M Class Action Settlement
September 11, 2023