Troutman Pepper Launches Team to Address Cyberattacks

Troutman Pepper Partners Sadia Mirza, Stephen Piepgrass, and Ron Raether were quoted in the Law360 Pulse article, “Troutman Pepper Launches Team to Address Cyberattacks.”

The team’s co-leaders, partners Sadia Mirza of the Orange County, California, office and Stephen Piepgrass of the Richmond, Virginia, office, told Law360 Pulse in a joint email Thursday, “Troutman Pepper’s incidents and investigations group stands out for its deep-rooted experience and comprehensive approach to security incident management.”

“Our team of attorneys, pioneers in the field, handled the first data breach in 2005, a time when no established incident response playbook existed,” Mirza and Piepgrass said. “Our team is a blend of former regulators, attorneys, security advisers and cyber insurance experts, each bringing a unique perspective to the table. The result is a diverse yet unified team that helps clients make critical decisions during their initial response that take into account the long-term ramifications for future potential investigations and litigation.”

…

Mirza said in the firm’s statement, “What sets us apart is our level of expertise in highly regulated industries, our proficiency in assisting companies through all stages of the incident response process, and our unique communication approach.

“Despite having a technically sound response, businesses may face complications if they lack effective communication skills,” Mirza said, adding that the Troutman Pepper team “emphasizes the importance of effective communication to ensure clients maintain control of their narrative, thereby reducing potential litigation and investigation risks and minimizing any adverse impact on their brand, reputation and operations.”

In the firm’s statement, Piepgrass said, “Not only are data incidents on the rise, but when large and complex incidents occur, the regulatory landscape can be complicated.

“With different regulators playing different roles — from Health and Human Services’ Office for Civil Rights, the Securities and Exchange Commission and the Federal Trade Commission at the federal level, to state attorneys general and various state agencies at the state level — it can become quite complex for a company to navigate,” he said. “Our team simplifies things.”

…

“Most clients have historically leveraged third-party IT or forensic firms to assist with these tasks,” Mirza said.

“The reality is that during an incident response, legal and forensics must collaborate and work together,” she added.

“We must transition from viewing incidents solely as security issues and actively involve legal and external counsel, even in the planning phases, to ensure a seamless response.” Mirza noted that new SEC requirements “mandate a collaborative approach among business, legal and security teams not only before and during an incident, but also in its aftermath.”

…

Ron Raether, co-leader of the firm’s privacy and cyber group, said in the statement: “The incidents and investigations-focused task force directly complements our privacy and cyber practice. We provide clients a collaborative, 360-degree approach, extending the range of privacy and cyber services traditionally offered by law firms by leveraging our broad and global expertise in key areas.”