Global Cybersecurity and Privacy Policy and Regulation

  • Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team offers a range of policy and regulatory solutions our clients as they navigate today’s data-driven marketplace.
  • With the increasing growth of new regulations and emerging global policy that impacts all sectors,  our cybersecurity and privacy policy and regulatory team brings years of experience, having worked in and with the Executive Branch and around the world on these issues.
  • The team is comprised of lawyers, former senior Executive Branch officials, Members of Congress and subject matter experts who offer broad experience managing all aspects of cybersecurity and privacy policy and regulatory issues.
  • Holland & Knight is one of a few U.S. firms with a depth of experience in advising clients operating in critical infrastructure sectors, and how the global policy and regulatory changes will impact their underlying business. Our team advises the C-Suite and business operations on how to navigate through and prepare for changes in emerging technology regimes, along with the associated cybersecurity and risks.
Digital Lock

Overview

Cybersecurity and privacy issues impact every industry and present ongoing challenges that must be clearly understood and addressed by executive management and at the board level. Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team works across sectors and practice areas to provide comprehensive and strategic counsel on these core business imperatives.

We offer experienced guidance regarding cybersecurity and privacy risks to clients, assistance on understanding how cybersecurity is an enterprise risk management issue, and how the global policy and regulatory structures demand that “Privacy by Design” and “Security by Design” be included.  Our team has extensive international trade and diplomacy experience, and are called upon as subject matter experts to help advise on how global cybersecurity and privacy  policies and regulations are evolving. Our team has extensive experience in managing government affairs and lobbying support, as well as crisis communications and public affairs issues.

We offer a broad set of policy, regulatory, legislative, compliance and crisis management experience to develop holistic, tailored solutions for our clients. We offer true one-stop shop capabilities with our full-service practice that addresses even the most complex cybersecurity and privacy issues. We provide practical solutions that work, so our clients can focus on what they do best – successfully running their companies.

Cybersecurity for Infrastructure and Other Key Industries

Holland & Knight Global Cybersecurity and Privacy Policy and Regulation Team members understand the nuances of how cybersecurity and privacy issues affect each industry. We are one of a few law firms to offer the full range of cybersecurity advice and counsel integrated with the knowledge of day-to-day regulations for critical infrastructure sectors. All of this stems from having worked on these issues for nearly twenty years, even before any of the current policies or regulations were put in place.

Our work includes specific experience related to the 16 critical infrastructure sectors identified by the White House and the U.S. Department of Homeland Security as vital to national security, as well other key industries, including:

  • banking and financial services (including insurance)
  • chemicals
  • commercial facilities
  • communications
  • critical manufacturing
  • dams
  • defense
  • education
  • emergency services
  • energy
  • financial services
  • food and agriculture
  • government facilities
  • healthcare and public health
  • hospitality
  • information technology (IT)
  • nuclear reactors, materials and waste
  • real estate
  • retail
  • transportation
  • water and wastewater

Strategic U.S. and International Regulatory and Compliance Advisors

We guide companies in creating proactive privacy and cybersecurity compliance strategies to address the evolving – and often conflicting – patchwork of state, local, federal and international regulatory environments.

Our team has extensive experience from having served in the U.S. government as both regulators and negotiators, in addition to the deep experience of our private-sector practitioners. The Cybersecurity and Privacy Policy and Regulation Team helps clients navigate the Privacy Shield, the EU NIS Directive and the EU General Data Protection Regulations (GDPR), as well as global efforts for data localization and nation-specific cybersecurity and privacy requirements. We guide and advise companies on cybersecurity, privacy and cross-border data transfer issues in various G7 and G20 trade negotiations, as well as other U.S. bilateral and multilateral negotiations, such as the Trans-Pacific Partnership (TPP) and Transatlantic Trade Investment Partnership (TTIP).

Existing and Evolving Regulatory Cybersecurity and Privacy Issues

Our team has significant experience working closely with, and in opposition to, the leading regulators who are responsible for building and evolving the intricate web of federal and state laws and regulations implicated in cybersecurity and privacy matters. Our team represents clients across federal agencies, including the Federal Trade Commission (FTC); the Federal Communications Commission (FCC); the U.S. Departments of Homeland Security, Defense, Treasury, Justice, Transportation, Health and Human Services, and Energy; the Federal Energy Regulatory Commission (FERC); the Commodities Future Trading Commission (CFTC); and the Consumer Financial Protection Bureau (CFPB), as well as with state elected officials and state regulators, including insurance and banking regulators.

Case Studies

Multimedia

Podcast: Cybersecurity Provisions in the FY24 NDAA
Podcast: Cybersecurity Provisions in the FY24 NDAA
Congressional Activity on the Development of Quantum Computer Technology
Congressional Activity on the Development of Quantum Computer Technology
sound waves
International Day for the Protection of Personal Data
Webinar Thumbnail
Impact of the CMMC Proposed Rule on Government Contractors
CUI STILL
Cybersecurity and CUI in Government Contracts: What's New and What's Next?
Podcast - The Role of Managed Service Providers with Stuart Itkin
Podcast - The Role of Managed Service Providers with Stuart Itkin
Ep.7Regulatory _Phishing_Still
Podcast - The When, Where, Why and How of CMMC with Fernando Machado
Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
The State of Contractor Cybersecurity with Katie Arrington
Podcast - The State of Contractor Cybersecurity with Katie Arrington
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
RP Ep. 5 Still
Podcast - Navigating the TikTok Ban: Implications for Government Contractors
RP - The Impact of Cybersecurity Compliance on Corporate Transactions Still
Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
sound waves
Nothing From the Government Comes Without Gobs of Documentation
Still
Podcast - What Do the Newly Released CMMC 2.1 Documents Mean?
A Lo Legal En Par Minutos Inteligencia Artificial Still
Podcast - Artificial Intelligence
Regulatory Phishing Ep. 2 Still
Podcast - Third-Party Assessments and NIST SP 800-171
CTC_InsightsontheFTC_Still
Podcast - Insights on the FTC's Approach to Digital Health Companies
Regulatory Phishing Ep. 1 Still
Podcast - Overview of Cybersecurity in Government Contracts
sound waves
All About Quantum
Cybersecurity still
Podcast - SEC's Oversight on Cybersecurity Requirements
sound waves
An Update on a Contractor Cybersecurity Rule VA Imposed This Year
Government Contracts and Cybersecurity Compliance Still
Government Contracts and Cybersecurity Compliance
Practical Compliance with Opt-Out Requirements Under State Privacy Laws
Practical Compliance with Opt-Out Requirements Under State Privacy Laws
Eric Crusius Government Matters Still
Working to Protect Sensitive Cyber Information
Quantum Computing: Tomorrow's Risks and Today's Opportunities
Quantum Computing: Tomorrow's Risks and Today's Opportunities
GocCon Giants Podcast Still
Administration and Regulation Changes in Government Contracting
sound waves
Changes Coming to CMMC; The Cryptocurrency Threat Landscape; Getting Ready for a CR
Media_DevelopingaMetaverseStrategy_Still
Developing a Metaverse Strategy
Coffee and Conversation Still
Cyber Attack Coming? Watch Out for SEC Proposed Rulemaking
A Look Ahead at U.S. National Security
Podcast: A Look Ahead at U.S. National Security
Podcast: NDAA FY22 Cybersecurity Provisions and Acquisition Reform
Podcast: FY22 NDAA Cybersecurity Provisions and Acquisition Reform
Eyes on Washington Podcast Special Miniseries: The NDAA - Part 1
Podcast: NDAA Introduction and Overview of FY22 Themes
GovConStill
Government Contracting and Cybersecurity
sound waves
What CMMC 2.0 Means For Defense Contractors and Accelerating Zero Trust at the State Dept.
Identity Protection for High-Net-Worth Individuals and Family Offices
Identity Protection for High-Net-Worth Individuals and Family Offices

Insights

Upcoming Events

News and Headlines