Data Strategy & Security

The Debevoise Data Strategy & Security (DSS) practice is global and interdisciplinary combining our cybersecurity, privacy, business continuity, artificial intelligence, M&A diligence and data governance practices into one fully integrated and coordinated group. Together, we advise leading companies on responding to cybersecurity events, including regulatory inquiries and civil litigation. We also advise our clients on their overall data strategy, including how to protect and optimize the data that they maintain on premises, with vendors and in the cloud. Our strategic advice includes both legal and technical assistance with the data issues that arise in M&A diligence, licensing and vendor contracting. In addition, we help our clients determine what data they should delete or not collect because of cybersecurity, privacy or other risks.Because we lead responses to cyber incidents of all sizes and types globally, and on a continuous basis, we are able to channel that deep experience into helping all of our clients improve their preparations, including by assessing their plans, processes, resources, and ability to respond quickly and effectively to a major cyber breach, operational disruption or other significant data or technology event.We are able to leverage our worldwide network of law enforcement contacts in the event of an incident. Our team includes several former federal cybercrime prosecutors, including the former leader of the Justice Department’s Criminal Division, the former leader of the Department’s response to national security cyber threats, and two former Assistant U.S. Attorneys who brought landmark cyber cases in the country’s federal courts.Our services are based on experience in the trenches of many of the country’s landmark cyber and privacy incidents (including many non-public incidents). Our lawyers have deep technical knowledge that allows them to translate complex technical findings into legal and business decision points. This has enabled us to provide a pragmatic approach to identifying and coordinating the key elements of effective incident response and overall data strategy.Episode 12: Artificial Intelligence and Consumer Data - A Discussion with Kaitlin Asrow, Fintech Policy Advisor for Federal Reserve Bank of San Francisco 3 March 2021Avi Gesser, Anna Gressel, Kaitlin AsrowEpisode 11: Artificial Intelligence and Cyber Insurance – A Discussion with Stefan Toi of Aon Cyber Solutions and Marcello Antonucci of Beazley on Navigating “AI Gaps” in Cyber Insurance Coverage 6 January 2021Avi Gesser, Keith Slattery, Anna Gressel, Marcello Antonucci, Stefan ToiSupervising AI: The Role of Corporate Boards 16 November 2020Avi Gesser, Anna Gressel, Edward StrozEpisode 10: Artificial Intelligence and the Insurance Sector- A Discussion with Jon Godfread, North Dakota Commissioner of Insurance and Chair of the NAIC Artificial Intelligence Working Group 13 October 2020Avi Gesser, Anna Gressel, Jon GodfreadEpisode 9: Artificial Intelligence and Consumer Protection Risks - A Discussion with Andrew Smith, Director of the FTC's Bureau of Consumer Protection 6 August 2020Avi Gesser, Anna Gressel, Andrew SmithEpisode 8: Artificial Intelligence Regulation in the Securities Industry - A Discussion with Haimera Workie of FINRA's Office of Financial Innovation 23 July 2020Avi Gesser, Anna GresselEpisode 7 - Safeguarding Employees’ Credentials and Preventing Unauthorized Access to Sensitive Data Stored in the Cloud and on Employees’ Personal Devices. 7 July, 2020Avi Gesser, Mengyi Xu, Luke Tenery, Joe ShepleyEpisode 6: Ransomware 2.0 - A Discussion with Dave Wong of FireEye Mandiant on the Evolving Threat Landscape, Risk Mitigation Strategies, and Legal and Practical Considerations 23 June 2020Avi Gesser, HJ BrehmerEpisode 5: How to Demonstrate “Reasonable Cybersecurity Procedures” for Regulatory Inquiries and Litigation 16 June 2020Avi Gesser, Stephanie CipollaReturning to Work in the US: Key Employment Law Considerations 5 June 2020Alexander Cochran, Eric Dinallo, Avi Gesser, Jyotin Hamid, Tricia ShernoEpisode 4: Emerging Cybersecurity Issues for PE Sponsors and Portfolio Companies 21 May 2020Luke Dembosky, Avi GesserEpisode 3: Protecting Policyholder Data: Risks and lessons for insurers from the first weeks of work-from-home arrangements due to COVID-19 8 May 2020Luke Dembosky, Eric Dinallo, Avi GesserEpisode 2: Artificial Intelligence Regulation - A Discussion with Matthew Homer of the NYDFS on Reducing Risks Arising from AI Programs 21 April 2020Avi Gesser, Anna Gressel, Matthew HomerEpisode 1: Reducing Cybersecurity and Related Regulatory Risks Arising from Remote Working Arrangements 1 April 2020Luke Dembosky, Avi Gesser, Justin HerringAre You Ready for CCPA?

19 November 2019Jeremy Feigelson, Kate Saba, Warren MetlitzkyLife Under GDPR: A Breach Response Scenario23 May 2017Pierre Clermontel, Luke Dembosky, Jane Shvets, Anna V. Maximenko, Dr. Friedrich Popp