Global Cybersecurity and Privacy Policy and Regulation

  • Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team offers a range of policy and regulatory solutions our clients as they navigate today’s data-driven marketplace.
  • With the increasing growth of new regulations and emerging global policy that impacts all sectors,  our cybersecurity and privacy policy and regulatory team brings years of experience, having worked in and with the Executive Branch and around the world on these issues.
  • The team is comprised of lawyers, former senior Executive Branch officials, Members of Congress and subject matter experts who offer broad experience managing all aspects of cybersecurity and privacy policy and regulatory issues.
  • Holland & Knight is one of a few U.S. firms with a depth of experience in advising clients operating in critical infrastructure sectors, and how the global policy and regulatory changes will impact their underlying business. Our team advises the C-Suite and business operations on how to navigate through and prepare for changes in emerging technology regimes, along with the associated cybersecurity and risks.
Digital Lock

Overview

Cybersecurity and privacy issues impact every industry and present ongoing challenges that must be clearly understood and addressed by executive management and at the board level. Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team works across sectors and practice areas to provide comprehensive and strategic counsel on these core business imperatives.

We offer experienced guidance regarding cybersecurity and privacy risks to clients, assistance on understanding how cybersecurity is an enterprise risk management issue, and how the global policy and regulatory structures demand that “Privacy by Design” and “Security by Design” be included.  Our team has extensive international trade and diplomacy experience, and are called upon as subject matter experts to help advise on how global cybersecurity and privacy  policies and regulations are evolving. Our team has extensive experience in managing government affairs and lobbying support, as well as crisis communications and public affairs issues.

We offer a broad set of policy, regulatory, legislative, compliance and crisis management experience to develop holistic, tailored solutions for our clients. We offer true one-stop shop capabilities with our full-service practice that addresses even the most complex cybersecurity and privacy issues. We provide practical solutions that work, so our clients can focus on what they do best – successfully running their companies.

Cybersecurity for Infrastructure and Other Key Industries

Holland & Knight Global Cybersecurity and Privacy Policy and Regulation Team members understand the nuances of how cybersecurity and privacy issues affect each industry. We are one of a few law firms to offer the full range of cybersecurity advice and counsel integrated with the knowledge of day-to-day regulations for critical infrastructure sectors. All of this stems from having worked on these issues for nearly twenty years, even before any of the current policies or regulations were put in place.

Our work includes specific experience related to the 16 critical infrastructure sectors identified by the White House and the U.S. Department of Homeland Security as vital to national security, as well other key industries, including:

  • banking and financial services (including insurance)
  • chemicals
  • commercial facilities
  • communications
  • critical manufacturing
  • dams
  • defense
  • education
  • emergency services
  • energy
  • financial services
  • food and agriculture
  • government facilities
  • healthcare and public health
  • hospitality
  • information technology (IT)
  • nuclear reactors, materials and waste
  • real estate
  • retail
  • transportation
  • water and wastewater

Strategic U.S. and International Regulatory and Compliance Advisors

We guide companies in creating proactive privacy and cybersecurity compliance strategies to address the evolving – and often conflicting – patchwork of state, local, federal and international regulatory environments.

Our team has extensive experience from having served in the U.S. government as both regulators and negotiators, in addition to the deep experience of our private-sector practitioners. The Cybersecurity and Privacy Policy and Regulation Team helps clients navigate the Privacy Shield, the EU NIS Directive and the EU General Data Protection Regulations (GDPR), as well as global efforts for data localization and nation-specific cybersecurity and privacy requirements. We guide and advise companies on cybersecurity, privacy and cross-border data transfer issues in various G7 and G20 trade negotiations, as well as other U.S. bilateral and multilateral negotiations, such as the Trans-Pacific Partnership (TPP) and Transatlantic Trade Investment Partnership (TTIP).

Existing and Evolving Regulatory Cybersecurity and Privacy Issues

Our team has significant experience working closely with, and in opposition to, the leading regulators who are responsible for building and evolving the intricate web of federal and state laws and regulations implicated in cybersecurity and privacy matters. Our team represents clients across federal agencies, including the Federal Trade Commission (FTC); the Federal Communications Commission (FCC); the U.S. Departments of Homeland Security, Defense, Treasury, Justice, Transportation, Health and Human Services, and Energy; the Federal Energy Regulatory Commission (FERC); the Commodities Future Trading Commission (CFTC); and the Consumer Financial Protection Bureau (CFPB), as well as with state elected officials and state regulators, including insurance and banking regulators.

Case Studies

Tools & Resources

Cybersecurity and Privacy Blog

Provides insight and analysis on privacy and information security laws

FinTech Fast Facts

Multimedia

Two Byte Conversations - Decoding the Future of AI Regulation and Frontier Models
Podcast - Decoding the Future of AI Regulation and Frontier Models
 Two Byte Conversations: Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
 Regulatory Phishing Podcast Episode ft Kelsey Hayes
Podcast - Discussing a DOJ Lawsuit Under the Civil-Fraud Initiative
 Sound Waves
What Contractors Need to Know, Now That the CMMC Rule Is Finalized
 Sound Waves
The Contractor Cybersecurity Locomotive Picks Up Steam
 Regulatory Phishing Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
 Sound Waves
Mitigation and Managing Third-Party Risks with Priya Keshav & Kim-An Hernandez
 Sound Waves
A Big Defense Cybersecurity Requirement for Contractors Moves Closer to Reality
 Sound Waves
The SEC’s Intensified Focus on AI Washing Practices
 Sound Waves
The Future of Sports and Crypto: Karate Combat
 AI Forum
Artificial Intelligence Forum
 Podcast: Cybersecurity Provisions in the FY24 NDAA
Podcast: Cybersecurity Provisions in the FY24 NDAA
 Congressional Activity on the Development of Quantum Computer Technology
Congressional Activity on the Development of Quantum Computer Technology
 Webinar Thumbnail
Impact of the CMMC Proposed Rule on Government Contractors
 CUI STILL
Cybersecurity and CUI in Government Contracts: What's New and What's Next?
 Podcast - The Role of Managed Service Providers with Stuart Itkin
Podcast - The Role of Managed Service Providers with Stuart Itkin
 Ep.7Regulatory _Phishing_Still
Podcast - The When, Where, Why and How of CMMC with Fernando Machado
 Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
 SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
 The State of Contractor Cybersecurity with Katie Arrington
Podcast - The State of Contractor Cybersecurity with Katie Arrington
 Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
 RP Ep. 5 Still
Podcast - Navigating the TikTok Ban: Implications for Government Contractors
 RP - The Impact of Cybersecurity Compliance on Corporate Transactions Still
Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
 Sound Waves
Nothing From the Government Comes Without Gobs of Documentation
 Still
Podcast - What Do the Newly Released CMMC 2.1 Documents Mean?
 A Lo Legal En Par Minutos Inteligencia Artificial Still
Podcast - Artificial Intelligence
 Regulatory Phishing Ep. 2 Still
Podcast - Third-Party Assessments and NIST SP 800-171
 CTC_InsightsontheFTC_Still
Podcast - Insights on the FTC's Approach to Digital Health Companies
 Regulatory Phishing Ep. 1 Still
Podcast - Overview of Cybersecurity in Government Contracts
 Sound Waves
All About Quantum
 Cybersecurity still
Podcast - SEC's Oversight on Cybersecurity Requirements
 Sound Waves
An Update on a Contractor Cybersecurity Rule VA Imposed This Year
 Government Contracts and Cybersecurity Compliance Still
Government Contracts and Cybersecurity Compliance
 Practical Compliance with Opt-Out Requirements Under State Privacy Laws
Practical Compliance with Opt-Out Requirements Under State Privacy Laws
 Eric Crusius Government Matters Still
Working to Protect Sensitive Cyber Information
 Quantum Computing: Tomorrow's Risks and Today's Opportunities
Quantum Computing: Tomorrow's Risks and Today's Opportunities

Insights

News and Headlines

Primary Contacts

Christopher DeLacy Joel E. Roberson
Meet Our Professionals
View Professionals

Additional Resources

Team Fast Facts

Related Practices

Artificial Intelligence Artificial Intelligence Policy & Regulation Autonomous Transportation Aviation Compliance Services Congressional Investigations Consumer Protection Defense and Compliance Cyber Liability Insurance Digital Assets and Blockchain Technology Digital Healthcare E-Commerce Education Embassies and Sovereign Governments Emerging Technologies Law and Policy Energy Financial Investigations Financial Services Financial Services Regulations Government Contracts Healthcare & Life Sciences HIPAA and Healthcare Privacy Hospitality, Resort and Timeshare Insurance Disputes International and Cross-Border Transactions International Trade Media Mergers and Acquisitions Outsourcing and Technology Transactions Satellite and Space Technology Public Policy & Regulation Quantum Computing Real Estate Risk and Crisis Management Tech & Data Transactions Technology Venture Capital