Global Cybersecurity and Privacy Policy and Regulation

  • Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team offers a range of policy and regulatory solutions our clients as they navigate today’s data-driven marketplace.
  • With the increasing growth of new regulations and emerging global policy that impacts all sectors,  our cybersecurity and privacy policy and regulatory team brings years of experience, having worked in and with the Executive Branch and around the world on these issues.
  • The team is comprised of lawyers, former senior Executive Branch officials, Members of Congress and subject matter experts who offer broad experience managing all aspects of cybersecurity and privacy policy and regulatory issues.
  • Holland & Knight is one of a few U.S. firms with a depth of experience in advising clients operating in critical infrastructure sectors, and how the global policy and regulatory changes will impact their underlying business. Our team advises the C-Suite and business operations on how to navigate through and prepare for changes in emerging technology regimes, along with the associated cybersecurity and risks.
Digital Lock

Overview

Cybersecurity and privacy issues impact every industry and present ongoing challenges that must be clearly understood and addressed by executive management and at the board level. Holland & Knight’s Global Cybersecurity and Privacy Policy and Regulation Team works across sectors and practice areas to provide comprehensive and strategic counsel on these core business imperatives.

We offer experienced guidance regarding cybersecurity and privacy risks to clients, assistance on understanding how cybersecurity is an enterprise risk management issue, and how the global policy and regulatory structures demand that “Privacy by Design” and “Security by Design” be included.  Our team has extensive international trade and diplomacy experience, and are called upon as subject matter experts to help advise on how global cybersecurity and privacy  policies and regulations are evolving. Our team has extensive experience in managing government affairs and lobbying support, as well as crisis communications and public affairs issues.

We offer a broad set of policy, regulatory, legislative, compliance and crisis management experience to develop holistic, tailored solutions for our clients. We offer true one-stop shop capabilities with our full-service practice that addresses even the most complex cybersecurity and privacy issues. We provide practical solutions that work, so our clients can focus on what they do best – successfully running their companies.

Cybersecurity for Infrastructure and Other Key Industries

Holland & Knight Global Cybersecurity and Privacy Policy and Regulation Team members understand the nuances of how cybersecurity and privacy issues affect each industry. We are one of a few law firms to offer the full range of cybersecurity advice and counsel integrated with the knowledge of day-to-day regulations for critical infrastructure sectors. All of this stems from having worked on these issues for nearly twenty years, even before any of the current policies or regulations were put in place.

Our work includes specific experience related to the 16 critical infrastructure sectors identified by the White House and the U.S. Department of Homeland Security as vital to national security, as well other key industries, including:

  • banking and financial services (including insurance)
  • chemicals
  • commercial facilities
  • communications
  • critical manufacturing
  • dams
  • defense
  • education
  • emergency services
  • energy
  • financial services
  • food and agriculture
  • government facilities
  • healthcare and public health
  • hospitality
  • information technology (IT)
  • nuclear reactors, materials and waste
  • real estate
  • retail
  • transportation
  • water and wastewater

Strategic U.S. and International Regulatory and Compliance Advisors

We guide companies in creating proactive privacy and cybersecurity compliance strategies to address the evolving – and often conflicting – patchwork of state, local, federal and international regulatory environments.

Our team has extensive experience from having served in the U.S. government as both regulators and negotiators, in addition to the deep experience of our private-sector practitioners. The Cybersecurity and Privacy Policy and Regulation Team helps clients navigate the Privacy Shield, the EU NIS Directive and the EU General Data Protection Regulations (GDPR), as well as global efforts for data localization and nation-specific cybersecurity and privacy requirements. We guide and advise companies on cybersecurity, privacy and cross-border data transfer issues in various G7 and G20 trade negotiations, as well as other U.S. bilateral and multilateral negotiations, such as the Trans-Pacific Partnership (TPP) and Transatlantic Trade Investment Partnership (TTIP).

Existing and Evolving Regulatory Cybersecurity and Privacy Issues

Our team has significant experience working closely with, and in opposition to, the leading regulators who are responsible for building and evolving the intricate web of federal and state laws and regulations implicated in cybersecurity and privacy matters. Our team represents clients across federal agencies, including the Federal Trade Commission (FTC); the Federal Communications Commission (FCC); the U.S. Departments of Homeland Security, Defense, Treasury, Justice, Transportation, Health and Human Services, and Energy; the Federal Energy Regulatory Commission (FERC); the Commodities Future Trading Commission (CFTC); and the Consumer Financial Protection Bureau (CFPB), as well as with state elected officials and state regulators, including insurance and banking regulators.

Case Studies

Multimedia

Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Sound Waves
How Federal Procurement Rules Will Change in The Second Trump Administration
Two Byte Conversations - Decoding the Future of AI Regulation and Frontier Models
Podcast - Decoding the Future of AI Regulation and Frontier Models
Two Byte Conversations: Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Regulatory Phishing Podcast Episode ft Kelsey Hayes
Podcast - Discussing a DOJ Lawsuit Under the Civil-Fraud Initiative
Sound Waves
What Contractors Need to Know, Now That the CMMC Rule Is Finalized
Sound Waves
The Contractor Cybersecurity Locomotive Picks Up Steam
Regulatory Phishing Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
Sound Waves
Mitigation and Managing Third-Party Risks with Priya Keshav & Kim-An Hernandez
Sound Waves
A Big Defense Cybersecurity Requirement for Contractors Moves Closer to Reality
Sound Waves
The SEC’s Intensified Focus on AI Washing Practices
Sound Waves
The Future of Sports and Crypto: Karate Combat
AI Forum
Artificial Intelligence Forum
Podcast: Cybersecurity Provisions in the FY24 NDAA
Podcast: Cybersecurity Provisions in the FY24 NDAA
Congressional Activity on the Development of Quantum Computer Technology
Congressional Activity on the Development of Quantum Computer Technology
Webinar Thumbnail
Impact of the CMMC Proposed Rule on Government Contractors
CUI STILL
Cybersecurity and CUI in Government Contracts: What's New and What's Next?
Podcast - The Role of Managed Service Providers with Stuart Itkin
Podcast - The Role of Managed Service Providers with Stuart Itkin
Ep.7Regulatory _Phishing_Still
Podcast - The When, Where, Why and How of CMMC with Fernando Machado
Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
Artificial Intelligence: Breaking Down the New Biden Administration Executive Order
SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
SEC's New Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure Rules
The State of Contractor Cybersecurity with Katie Arrington
Podcast - The State of Contractor Cybersecurity with Katie Arrington
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
RP Ep. 5 Still
Podcast - Navigating the TikTok Ban: Implications for Government Contractors
RP - The Impact of Cybersecurity Compliance on Corporate Transactions Still
Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
Sound Waves
Nothing From the Government Comes Without Gobs of Documentation
Still
Podcast - What Do the Newly Released CMMC 2.1 Documents Mean?
A Lo Legal En Par Minutos Inteligencia Artificial Still
Podcast - Artificial Intelligence
Regulatory Phishing Ep. 2 Still
Podcast - Third-Party Assessments and NIST SP 800-171
CTC_InsightsontheFTC_Still
Podcast - Insights on the FTC's Approach to Digital Health Companies
Regulatory Phishing Ep. 1 Still
Podcast - Overview of Cybersecurity in Government Contracts
Sound Waves
All About Quantum
Cybersecurity still
Podcast - SEC's Oversight on Cybersecurity Requirements
Sound Waves
An Update on a Contractor Cybersecurity Rule VA Imposed This Year
Government Contracts and Cybersecurity Compliance Still
Government Contracts and Cybersecurity Compliance
Practical Compliance with Opt-Out Requirements Under State Privacy Laws
Practical Compliance with Opt-Out Requirements Under State Privacy Laws

Insights

News and Headlines