Regulating Data Privacy in an Interconnected World: How Far Does California's New Law Reach?
Jennifer Martin is a Partner with the Cyber, Privacy & Data Innovation Practice. She counsels clients on complying with cybersecurity regulatory expectations and best practices across industries, including for large critical infrastructure companies in the technology, energy, health care, financial, and transportation sectors.
She focuses on a range of cybersecurity projects for clients, including advising on cybersecurity program compliance and resiliency on an industry-by-industry basis; managing significant security incidents and providing cross-disciplinary incident response planning; drafting commercial contract terms and requirements for purchasers and vendors as part of managing cybersecurity risk; and conducting cybersecurity due diligence in M&A transactions. Jennifer’s holistic, company-wide incident response planning and risk management counseling are informed by more than 18 years of handling significant cyber incidents from a variety of legal and technical perspectives. She has significant experience managing the response and investigation into sophisticated cybersecurity attacks impacting systems and information, including those attributable to nation-states, insider thefts of intellectual property, and data breaches of all sizes and significance. She works directly with personnel at all levels of an impacted organization and across disciplines, including directly with IT security personnel, to ensure coordinated and protected response investigations. As a former federal prosecutor, she is also frequently involved in coordinating with law enforcement and government agencies in a range of cybersecurity matters.
Jennifer leverages her technical and legal experiences in-house, with her experience as a forensic consultant and outside counsel to provide practical, implementable advice on risk management. She is often asked to facilitate between legal counsel and security personnel to manage cybersecurity risk, and to ensure that security controls and company practices are compliant with industry standards. She also works across industries to counsel clients on evolving legal requirements, including drafting comments on pending regulation, counseling on information sharing and threat intelligence programs, and providing guidance with respect to emerging technologies, with particular experience counseling clients on a range of issues associated with the secure development, deployment, and collection of data across the Internet of Things (IoT) ecosystem and throughout the product lifecycle.
Jennifer’s early work as a federal and local cybercrime prosecutor and policymaker within the DOJ’s Computer Crime & Intellectual Property Section provides her with historical insight into the evolving threat landscape and the consequent law enforcement and regulatory responses. In addition, Jennifer served as director of cyber incident response and operations and lead in-house internal investigations counsel at Symantec, was a Managing Director of Stroz Friedberg, a global forensic consulting firm, and led her previous firm’s west coast cybersecurity practice.