Privacy, Cybersecurity, + Critical Infrastructure

FH+H's Privacy, Cybersecurity, + Critical Infrastructure group serves domestic, foreign, and multinational clients of all sizes by helping plan and implement strategies to manage cyber risks, anticipate and respond to physical and cybersecurity incidents, work with government regulators, and conduct business seamlessly in the global marketplace.

Services + Solutions


  • Review, draft, and rehearse policies and plans.
  • Involved in investigations and civil suits.


  • Understand and respond to data reach notifications.
  • Maintain compliance with the EU General Data Protection Regulation.
  • Maintain compliance with U.S. and state privacy laws.


  • Maintain compliance with government contracting requirements.
  • Counsel cyber operators, corporate officers, and boards on cyber activities and security breaches.

Critical Infrastructure

  • Maintain compliance and file with federal and state critical infrastructure regulators.
  • Defend against regulatory enforcement actions.

Experience + Capabilities

FH+H attorneys have experience drafting U.S. legislation, regulations, and critical infrastructure policies. Our team includes:

  • A Certified Information Privacy Professional, U.S. Private Sector (CIPP/US).
  • A former senior U.S. government attorney addressing cybersecurity, telecommunications, chemical, nuclear energy, and other infrastructure issues.
  • A legal advisor to intelligence, law enforcement, and cybersecurity operations teams.
  • A member of a National Academies Committee studying Improvised Explosive Devices.
  • A professor of cybersecurity and national security who has authored numerous law review articles.

Successes + Clients

Note: Case results depend on a variety of unique factors, and do not guarantee or predict similar results for future cases. 

  • Working with a cyber forensics team, FH+H attorneys helped a company identify a data breach and notify victims and attorneys general in three states.
  • Investigated insider threat for a government contractor.
  • Advised the board of a government contractor on strategic cyber risk management objectives.
  • Drafted and negotiated a contract to provide cybersecurity services to a large regional content provider on behalf of a foreign company.
  • Determined the appropriate Commerce Department export classification of encryption software and tools for a government contractor.
  • Assessed data aggregation TTPs, privacy, and cyber operations implications for a government contractor.

To learn more about how FH+H lawyers can help with your privacy, cybersecurity, and critical infrastructure needs please contact one of our professionals.