Butzel’s Cybersecurity and Privacy Specialty Team is more than a quick marketing response to the latest cyber breach news cycle. Our clients know they can depend on our experienced attorneys when dealing with this acutely sensitive issue. Drawing from a wide spectrum of practice areas, our Team brings well-vetted best practices and practical solutions to our diverse client base.


Preventing a cybersecurity event before it occurs is the best line of defense. We strive to work with clients to ward off potential breaches before they can occur. Our Team possesses years of experience and lessons learned in the industry when it comes to conducting the necessary risk assessments and system audits—in conjunction with licensed forensic experts—to expose and remedy cyber and human behavioral vulnerabilities.

Butzel’s goal is to identify susceptibilities and protect our clients and their businesses. We work to determine what our clients’ assets are, where they are, and how they are protected. Once our assessment is completed, we work to implement and harden defenses using hardware, software, policies, and training that will equip our clients to respond more effectively in the face of cybersecurity intrusions and data privacy breaches.

In the unfortunate event a breach has occurred, we have experience in responding to nationwide data breaches for retail companies, service organizations, and manufacturers. A swift response from cybersecurity professionals is critical when the cyber intrusion event occurs. Deploying the forensic team to assess the nature and extent of the breach/infiltration/exfiltration is a necessary first step. Results from this investigation inform members of our Cybersecurity Team as they evaluate what laws may have been implicated and whether notification is required.

Prior to and after a cybersecurity event occurs numerous elements are involved and legal ramifications often cross over many practice areas. Our Cybersecurity and Privacy Specialty Team prides itself on its collaborative style—and necessarily so—given the response demanded by the circumstances.

Pre-Cyber Incident Services:

  • Cyber Risk Assessment
    • Forensic Scanning & Review
    • Policy Review & Drafting
    • Inventory Assets / Protection Planning
    • Incident Response Planning
    • Tabletop Drills
    • Cybersecurity Awareness and Response Training

Post-Cyber Incident Services:

  • Cyber Incident & Breach Response
    • Retention of Licensed Forensic Team
    • Notification to Insurance Carrier
    • Breach Response & Assessment
    • Coordination with Applicable Law Enforcement
    • Coordination of Communications to Customers / Clients / Media
    • Breach Mitigation
    • Legal Notifications / Response
    • Lessons Learned—Cybersecurity Awareness and Response Training
    • Policy Review / Revision
    • Post-Incident Communications to Address Potential Damage to Reputation

Data Privacy and Protection

Privacy and data protection is one of the most rapidly changing areas in the legal realm. Laws are in a constant state of flux on an international, federal, state, and local level and regulatory bodies regularly issue updates and new guidelines. We are ready to assist clients whether they are transferring data internationally, dealing with various industry sector frameworks for the protection of personal information, mitigating risks through policies and best practices, or even adapting to privacy by design for new and emerging technologies.

The attorneys comprising the Cybersecurity and Privacy Specialty Team are renowned in this area of practice and frequently serve as speakers at events throughout the country. Team members have served on the American Bar Association (ABA) Cybersecurity Legal Task Force and as presenters at MEMA, The Vehicle Suppliers Association.

Practice Leadership


Alerts & Publications

Client Alerts

News & Events


Jump to Page

By using this site, you agree to our updated Privacy Policy and our Terms of Use.