Shook Receives NetDiligence Breach Coach Certification

Shook, Hardy & Bacon is proud to announce that it has been named a certified Breach Coach® by NetDiligence®, a formal recognition for “demonstrated excellence in data security and privacy services.” 

Only highly experienced law firms are considered for Breach Coach designation. Firms must handle a minimum of 50 incidents per year and undergo a careful vetting process to become an authorized Breach Coach.

A Breach Coach firm plays a crucial role in all stages of a cyber incident, including:

  • Proactive counseling - developing incident-response plans; conducting cyber-risk assessments; creating cyber-awareness programs; ensuring regulatory compliance.
  • Incident response - serving as the central coordinator during a live incident; working with forensic experts, IT teams and insurers; advising on legal obligations; and minimizing risk.
  • Post-incident - guiding organizations through regulatory investigations, litigation risks and compliance reviews; advising on security improvements to prevent future incidents.

“It’s an honor to receive this certification, which is a testament not just to the excellence of the work we do, but a reflection of the experience and leadership of our lawyers and their dedication to our clients,” said Colman McCarthy, who leads the cybersecurity and incident-response team as part of Shook’s Privacy and Cybersecurity Practice. 

Shook’s Privacy and Cybersecurity Practice works with companies to triage ongoing incidents and coordinate all aspects of the response, from investigation through notification and regulatory inquiries. The group’s experience spans a broad spectrum of industries, including healthcare, manufacturing, financial, insurance, educational, retail, energy, government and tech. 

Beyond the initial incident response, the firm has represented numerous clients in responding to state attorneys general across the country, as well as prominent state and federal sectoral regulators such as the Health and Human Services Office for Civil Rights and the New York Department of Financial Services. And when an incident leads to class-action litigation, Shook has a decorated group of privacy litigators to assist.

Shook also advises clients on the wide range of laws that affirmatively impose a duty on businesses to maintain an information-security program—from those simply requiring “reasonable security” at a high level to highly prescriptive and granular laws.

“I'm very proud of the team we’ve built here. You never want a client to have to live through a cybersecurity incident but it’s unfortunately often a case of ‘when,’ not ‘if,’” said Al Saikali, Chair of Shook’s Privacy and Cybersecurity Practice. “We’re thankful for all the great organizations that have trusted us to guide them through every stage of a cyber crisis, from escalation to resolution.”