Navigating the cybersecurity landscape: McDonald Hopkins’ Data Privacy and Cybersecurity practice continues to grow amid increased breaches

McDonald Hopkins, a business advisory and advocacy law firm, is proud to announce significant growth and key trends within its Data Privacy and Cybersecurity Practice Group in the first half of 2024. The firm has successfully responded to a remarkable number of data breaches and incidents, showcasing its commitment to safeguarding client data and navigating the evolving complexities of data privacy.

Incident Response Surge

In the first half of 2024, the Data Privacy and Cybersecurity team successfully responded to over 1,500 incidents, a substantial increase from previous years. Since the inception of the group, the team has addressed over 15,000 data breaches and privacy incidents, 2,300 in the last year alone. This year’s surge in incidents and services requested by clients underscores the growing prevalence and severity of cyberattacks and a concerning trend when it comes to third-party breaches.

“While ransomware and business email compromises continue to be the most common type of data security incident we are helping our clients through, we are seeing a drastic increase in the number of data breaches at third-parties,” said Dominic Paluzzi, the co-chair of the Data Privacy and Cybersecurity Practice Group. “Now, more than ever, it is important to vet your vendors and ensure you have contractual provisions that protect you when an incident occurs at a vendor.”

Below is a look at the incidents McDonald Hopkins managed last year, by type of incident and industry.

Client Concerns and Emerging Trends

Given the rise in third-party breaches, such as those involving Change Healthcare, CDK Global, Kaleida Systems, MOVEit, and Doxim, clients are increasingly concerned about liability, including notification requirements and potential litigation. This year has also seen a significant uptick in state and federal regulatory investigations and class action litigation resulting from data breach notifications.

Now is the time to conduct a data privacy risk assessment review and evaluate your current data security policies and procedures. Constant cyber awareness for employees is critical, along with practicing tabletop exercises with your incident response team to be ready for the inevitable.

Growth

To meet the rising demand for service, the practice continues to evolve its services and talent. McDonald Hopkins welcomed 17 attorneys to its privacy team within the last year, including recent additions David Lane, Jennifer Torrez, Karen Bridges, Ed Grahovec, and Farzana Ahmed. Their additions are merely the latest in a continuous influx of new talent, reflecting McDonald Hopkins’ commitment to be a destination firm for businesses in need of cybersecurity expertise, as well as a destination for data privacy attorneys who are looking for an opportunity to grow their careers with an amazing team.

The current team, comprised of 49 attorneys located throughout the country, specializes in all aspects of data privacy and cybersecurity law including pre-breach services, incident response, regulatory defense and privacy litigation. They have over 20 industry-specific specializations and have handled a wide array of breaches and incidents across all industries.

“Welcoming so many new team members to McDonald Hopkins is extremely gratifying. Given their level of talent and sophistication, they had many choices, yet they chose McDonald Hopkins. This speaks volumes about the team’s reputation, the quality of our work, and our culture. As we continue to add talented attorneys to our team, our scope of cybersecurity expertise also expands.  While possessing vast data privacy and cybersecurity experience, the team excels at finding efficient, business-oriented solutions for any legal matter an organization may face. Our innovative and efficient problem-solving approach sets us apart and is crucial as our clients face very challenging and complex issues,” said Jim Giszczak, co-president of McDonald Hopkins and co-chair of the Data Privacy and Cybersecurity Practice Group.

National recognition

McDonald Hopkins’ data privacy and cybersecurity attorneys and the practice as a whole have been recognized multiple times in the past year and a half for their contributions to safeguarding clients’ sensitive information and outstanding incident response work.

• Sean Bowen, Counsel on the data privacy team, was named to the 2023 National Black Lawyers’ Top 40 under 40.
• Blair Dawson, a Member in the firm’s Chicago office, was selected to the 2024 Crain’s Chicago list of Notable Women in Law.
• Jim Giszczak was recognized in the 2024 edition of The Best Lawyers in America.
• Dominic Paluzzi has been ranked by Chambers USA as a Recognized Leader in Privacy & Data Security: Cybersecurity and has once again been named to Cybersecurity Docket’s Incident Response 50.
• Spencer Pollock, a Member in the firm’s Baltimore office, was named to Maryland’s list of 2024 Rising Stars, and was also a finalist for the Zywave Cyber Person of the Year (Attorney category) award.

Knowledge sharing

The practice group is dedicated to solving its clients’ immediate issues and is committed to sharing up-to-date knowledge and breaking news in the data privacy industry. Since 2023 and into the first half of this year, team members authored nearly 70 articles on McDonaldHopkins.com covering a wide range of topics, including state, federal, and international compliance changes, incident notifications, and useful cybersecurity tips for organizations.

News outlets, trade groups, and organizations consistently contact the team to share their knowledge at speaking engagements, news interviews, and events throughout the country.

Contact McDonald Hopkins' Data Privacy and Cybersecurity team to ensure your company’s compliance with cyber regulations, discuss concerns about vulnerabilities to a ransomware attack or other breach, and find out more about proactive cybersecurity defense. Learn more about the group at mcdonaldhopkins.com/data-privacy-and-cybersecurity.