Our Website Uses Cookies 

We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.

For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

Our Cybersecurity practice has unsurpassed experience addressing the most significant cybersecurity matters confronted by commercial enterprises. We have assisted clients in responding to scores of cybersecurity incidents, ranging from security breaches perpetrated by inside actors, to sophisticated external attacks involving millions of customer and employee records, to several of the largest cyber-related financial crimes on record. These incidents have spanned a broad range of industries, including financial services, pharmaceuticals, media and Internet content companies, retail, technology, communications, defense, energy, software, travel-related services, and data-based services companies. Many of these incidents have been global in nature.

Our cybersecurity lawyers and advisors are based on both coasts of the United States, and in Europe and Asia. We regularly work with multinational companies on the full lifecycle of cybersecurity events, including development of internal compliance policies and incident response planning; incident response, investigation, and remediation; and defense of claims and pursuit of recoveries. We have unparalleled depth across a range of practice areas that intersect with cyber-related risks, including insurance, litigation, corporate governance, and regulatory compliance, to name a few.

Enterprises face threats from multiple vectors, including, among others, state-sponsored actors, criminal organizations, hactivists, competitors, and insiders—with potential for incidents that may include denial-of-service attacks, theft of funds or IP, breaches of payment card data and other sensitive customer information, and other significant compromises. Unlike many other firms, Covington does not approach cybersecurity as simply a subset of our broader privacy practice. Rather, we take a truly multi-dimensional, cross-disciplinary approach, taking into account not only privacy law, but also the potential impact of any particular threat vector on U.S. national security and the integrity of critical enterprises internationally. 

Our team includes former senior officials from the Department of Homeland Security and Department of Justice, and we regularly engage with those agencies, as well as the Federal Trade Commission, Federal Bureau of Investigation, Department of Defense, and other federal and international agencies as well as State Attorneys General and EU, Asian, and Latin American data protection authorities, on defending against and responding to cyber threats.

Our areas of focus include:

  • Preparedness and counseling
  • Incident response and investigations 
  • Regulatory advice and compliance
  • Risk management and insurance coverage 
  • Litigation—class action defense 
  • European and international data protection


  • Global Data Review 100, "20 Elite" (2020)