Am Law 100 firm Polsinelli has welcomed a group of ten attorneys and consultants focused on cybersecurity and privacy, deepening the firm’s already strong bench of over 50 attorneys practicing technology, cybersecurity and data privacy. The incoming group consists of four shareholders, one counsel, four associates and one technology consultant. The group has extensive experience guiding clients through cybersecurity and data privacy issues, ranging from proactive risk management and compliance counseling to incident response, regulatory investigations and class action litigation. Further, the team offers tailored due diligence advice in transactions for private equity funds and their portfolio companies.
“We are thrilled to welcome this talented team to Polsinelli,” said Jane E. Arnold, Co-Chair of Polsinelli’s Business Department. “Over the past few years, we have built a nationwide team to serve the varied needs of private equity clients, and adding a dedicated data privacy group with such a strong private equity background is the icing on the cake for our clients.”
“This is a highly skilled team with substantial experience addressing the most challenging privacy and data security issues facing businesses today,” said Greg Kratofil, Chair of Polsinelli’s Technology Transactions & Data Privacy Group. “This addition expands our depth and reinforces our commitment to provide clients with industry leading privacy, data security, incident response and privacy litigation services.”
“Our team is very excited to join Polsinelli. The opportunities this platform creates for our practice and our clients – bench strength, resources, industry position, and expertise – will only enhance our service offering,” said Shareholder J.T. Malatesta.
The group includes:
Shareholder John Thomas (J.T.) A. Malatesta III (Birmingham) advises clients around the world across a wide range of cybersecurity and data privacy issues. He has extensive experience guiding clients through incident response, regulatory investigations and class action litigation. He works with a number of private equity funds and their portfolio companies across all facets of cybersecurity risk management. He is a founding member of the Sedona Conference Working Group on Data Security and Privacy Liability and is a frequent speaker on emerging issues in cybersecurity regulation and data breach litigation. Malatesta has been lead counsel on over 500 cybersecurity incidents and has defended companies before the FTC, SEC, CFPB, NYSDFS, and European Data Protection Authorities and has litigated multiple data breach cases in the United States. Prior to joining Polsinelli, he served as chair of the Cybersecurity & Privacy practice at another law firm. Malatesta received his J.D. from the University of Virginia School of Law and holds a B.A. from Washington and Lee University.
Shareholder Starr Turner Drum (Birmingham) focuses her practice on defending privacy-focused litigation, guiding clients through regulatory investigations and developing globally compliant privacy programs. She is known for her depth and breadth of privacy knowledge and her business-focused approach to applying that knowledge to her clients’ matters. She has successfully defended numerous state and federal privacy and security class actions, arbitrations and regulatory investigations. She has also successfully developed hundreds of internationally compliant privacy and information governance plans across several sectors and has served as privacy due diligence counsel in billions of dollars’ worth of transactions. She chairs the steering committee of the privacy and cybersecurity-focused working group of the Sedona Conference® and was selected as a Fellow of Information Privacy by the International Association of Privacy Professionals (IAPP). She is regularly invited to speak on emerging privacy and data issues, such as AI, biometrics, children’s privacy, digital marketing, privacy class action litigation and more. Prior to joining Polsinelli she led the privacy practice at another law firm. Drum received her J.D. from the University of Alabama School of Law and holds a B.A. from Emory University. She clerked for the Honorable Judge James E. Graham of the Southern District of Georgia.
Shareholder Sarah S. Glover (Birmingham) focuses her practice on cybersecurity risk assessments, data breach response and cybersecurity compliance. She has been accredited as an ANSI Certified Information Privacy Professional/United States (CIPP/US) from the IAPP, while also serving as an adjunct cybersecurity law professor. She has performed hundreds of cybersecurity risk assessments for private equity portfolio companies and has advised a variety of organizations, from Fortune 500 companies to tech start-ups, across all industry verticals, on cybersecurity risk mitigation strategies. Prior to joining Polsinelli she led the proactive cybersecurity team at another law firm. Glover received her J.D., magna cum laude, Order of the Coif, from the University of Alabama School of Law and holds a B.A., summa cum laude, from the University of Alabama.
Shareholder Adam V. Griffin (Birmingham) provides cybersecurity incident response services and advice to clients worldwide, helping clients respond to and recover from cyber attacks and incidents. He has extensive experience guiding clients through all manner of cyber incidents, ranging from “bet the company” ransomware attacks to data leaks and insider threats. Griffin draws upon his technical training to advise clients across a wide spectrum of data privacy and security issues, including vendor management, tabletop exercises, regulatory compliance, policy and procedure development and incident response planning. He is CIPP/US certified by the IAPP. Prior to joining Polsinelli, he led the cyber incident response practice at another law firm. Griffin received his J.D. from the University of Alabama and holds a B.B.A. in Management Information Systems from Mississippi State University.
Counsel Jennifer L. Bauer (Raleigh) has extensive experience in global privacy program design, evaluation and audit, regulatory compliance and risk reporting, remediation, and data privacy and cybersecurity law. She guides her clients through complex privacy situations as a strategic and solution-oriented advisor. As a trusted and experienced leader certified by the IAPP, she has transformed the privacy programs of five Fortune 300 companies and advised blue-chip companies and large government entities on data privacy and security requirements, regulatory compliance (particularly GDPR / CCPA), and operational improvement opportunities. Bauer received her J.D. from West Virginia University College of Law and holds an LL.M from Georgetown University Law Center and a B.A. from William Paterson University.
Associate Elizabeth Snyder (New York) assists clients with satisfying their privacy obligations through meticulous attention to the changing compliance and regulatory requirements in the United States and internationally. She regularly helps clients across a broad industry spectrum to prepare privacy policies, terms of use, data processing agreements, and licensing agreements, and to negotiate commercial agreements. Leveraging her experience, Elizabeth also works to provide subject matter knowledge to help navigate data protection issues in M&A transactions. Snyder received her J.D., magna cum laude, from Syracuse University College of Law, holds an M.A. from the University of Virginia and a B.A. from Bowdoin College.
Associate Mary Ann Hanke (Birmingham) focuses her practice on M&A due diligence, regulatory investigations, tabletop exercises and counseling clients through proactive cybersecurity risk assessment. With a technical background, Hanke has detailed knowledge of how to reduce cyber risks and respond to cyber events. She received her J.D., magna cum laude, from Georgia State University College of Law and holds a B.S., also magna cum laude, in Industrial Engineering from Georgia Institute of Technology, where she is currently pursuing a masters in cybersecurity.
Associate Todd Panciera Jr. (Birmingham) helps clients to proactively manage and mitigate their business risks and guide companies through their legal and regulatory obligations in the aftermath of a security incident or privacy event. He has assisted with cybersecurity risk assessments, incident response planning, cybersecurity and privacy compliance, training, policy development and vendor contract negotiation. Panciera received his J.D. from the University of Alabama School of Law and holds a B.A. from the University of Alabama.
Associate Xeris (pronounced “Karis”) E. Gregory (Birmingham) focuses her practice on privacy and cybersecurity class action litigation and regulatory enforcement actions. She has earned the ANSI-Accredited Certified Information Privacy Professional/U.S. (CIPP/US) credential through the IAPP. Gregory received her J.D. from the University of Alabama School of Law and holds a B.S. from the University of Texas at Austin.
Technologist Leanne R. McAlpine (Birmingham) has almost thirty years of experience in the technology field and is well-versed in the underlying infrastructure and systems that support businesses. With deep knowledge in cybersecurity, she actively works with CISOs and CIOs to support efforts to respond and recover from incidents and offer guidance on how to mature programs to be more cyber resilient. She is a Certified Information Systems Security Professional (CISSP). She serves as a member of the Board of Directors of the InfraGard Birmingham Members Alliance and is a member of the Information Systems Security Association (ISSA). McAlpine holds a B.A. from the University of Alabama.
Source: www.polsinelli.com
