Go Back to Privacy + Cyber

Practice

Incidents + Investigations

Comprehensive Incident Response Services

Data breaches and other cybersecurity incidents require the immediate and comprehensive assistance of experienced legal counsel. Our national team thoroughly understands the unique legal and technological nuances in this ever-evolving area, and has decades of experience guiding clients across all aspects of data privacy and security, including:

  • Developing incident response plans and workflows to help reduce the impact of a security incident;
  • Thoroughly testing procedures for responding to security incidents through our tabletop exercise workshops; and
  • Handling all aspects of incident response, including the regulatory enforcement and litigation firestorm that typically follows a security incident. We have led the response to hundreds of data security incidents, regulatory investigations, and data breach litigations since 2005.

We regularly work with clients in variety of industries, such as financial services, professional services, law enforcement, life sciences and health care, energy, telecom, and insurance. Our team guides clients through every step of the incident response process, including engaging vendors to conduct a forensic investigation, coordinating initial crisis management communications, interfacing with law enforcement, advising on regulatory compliance issues, and assessing and complying with state and federal notification requirements and data governance standards.

Thorough preparation is the best defense to a cyberattack or other data security incident.

An incident response plan is a critical component of an effective information security program. Taking into consideration each organization’s unique mission, size, structure, and functions, we help clients to develop a formal, focused, and coordinated approach to responding to an incident. Our response plans provide a roadmap for responding to security incidents in a timely and effective manner, while also protecting customers, clients, and the brand.

Companies must periodically test their incident response plans and critical staff through a functional simulated exercise known as a tabletop exercise. Our tabletop exercise workshop identifies and addresses any deficiencies in a company’s response capabilities. We offer practical, client-specific advice and skilled counsel to help companies anticipate and prepare for potential issues. Our team walks clients through simulated scenarios that challenge incident response capabilities in a variety of expected and unexpected ways. The workshop also enables our clients to:

  • Build incident response instincts, define roles, and create channels for information and decision-making.
  • Test the limits of the incident response plan to prepare for the unexpected.
  • Facilitate discussions related to improving existing incident response procedures and information security programs.
  • Better understand the incident response process with a trusted breach advisor, who will lead you through an actual incident.

In the event of a suspected security incident, our response team can be reached at incident.response@troutman.com.

Businesses must immediately address an actual or suspected incident involving unauthorized access to confidential information in order to comply with applicable laws and regulations, and engaging experienced counsel at the onset is essential in order to maintain the attorney-client privilege.

Since 2005, hundreds of companies have chosen our team to guide them through incidents of unauthorized access to data and digital assets, phishing attacks, and ransomware. Our national breach response team provides comprehensive advice 24/7/365 in areas such as internal investigations, root-cause analyses, breach identification and response, individual and regulatory notice, regulatory investigations, and litigation.

Incidents are typically followed by regulatory inquiry or litigation. Our national team offers a unique combination of subject matter depth, first-chair litigation experience, and decades of work handling bet-the-company government investigations, enforcement actions, and regulatory inquiries in every state. We have defended clients in hundreds of claims, including in MDLs, in courts throughout the U.S. involving federal and state privacy laws that address the collection, security, use, and dissemination of consumer data. Drawing from experience as former regulators in attorneys general offices, we also regularly handle state attorney general investigations and matters before state administrative bodies and federal agencies. Our work before the Federal Trade Commission, the Consumer Financial Protection Bureau, the U.S. Department of Health and Human Services Office for Civil Rights, insurance commissioners, and state attorneys general spans several decades.

Our team is frequently invited to speak at client and industry programs and cyber risk conferences. We are included on various insurer panels for breach response and related litigation defense and are recommended by insurers for incident response and pre-incident preparedness. We coordinate with our insurance attorneys for insurance-related issues, and our Incidents + Investigations team partners seamlessly with our trial practice for defense matters.

Dear Mary — Incidents + Investigations Cybersecurity Advice Column

‘Dear Mary,’ is Troutman Pepper Locke’s Incidents + Investigations team’s advice column. You will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to respond to regulators, and much more. ‘Dear Mary’ goes beyond our articles, podcasts, webinars, and other content we produce because here, we respond directly to your questions with concise, practical answers. We promise they will be interesting, informative, and hopefully a little fun.