FacultyFaculty/Author Profile
Lisa J. Sotto

Lisa J. Sotto

Hunton Andrews Kurth LLP

New York, NY, USA


Named among The National Law Journal’s “100 Most Influential Lawyers,” Lisa Sotto chairs Hunton Andrews Kurth LLP’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New York office.  She also serves on the firm’s Executive Committee.  Lisa has received widespread recognition for her work in the areas of privacy and cybersecurity.  She was voted the world’s leading privacy advisor in all surveys by Computerworld magazine and has received top rankings for privacy and data security by Chambers and Partners and The Legal 500.  Lisa serves as the Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. 

Featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine, Lisa provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness.  Since 2005, she has advised clients on more than 1,200 cybersecurity and data breach incidents in the U.S. and abroad, including many of the seminal events.  Lisa assists clients in identifying, evaluating and managing risks associated with privacy and data security practices.  She advises clients on GLB, HIPAA, COPPA, CAN-SPAM, FCRA, VPPA, security breach notification laws, and other U.S. state and federal privacy and data security requirements (including HR rules), and global data protection laws (including those in the EU, Asia and Latin America).  Lisa is the editor and lead author of the legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business. 

Lisa is chair of the International Privacy Law Committee of the New York State Bar Association, chair of the New York Privacy Officers’ Forum, and a former member of the Board of Directors of IAPP.  She received her J.D. from the University of Pennsylvania Law School, where she was an editor of the Law Review.  She received her B.A. from Cornell University, with Distinction in All Subjects.  Lisa is admitted to practice in New York.
 
Lisa J. Sotto is associated with the following items:
Interactive Learning Center  Interactive Learning Center Cybersecurity: Data Breach Scenario, Monday, February 06, 2017
Course Handbooks  Course Handbooks Eighteenth Annual Institute on Privacy and Data Security Law
Cybersecurity 2017: Managing Cybersecurity Incidents
Nineteenth Annual Institute on Privacy and Data Security Law
CHB Chapters  CHB Chapters SEC Cybersecurity Investigations: A How-to Guide, Westlaw Journal: Securities Litigation & Regulation—Volume 21, Issue 3 (June 11, 2015) - Eighteenth Annual Institute on Privacy and Data Security Law, Thursday, June 15, 2017
A How-To Guide to Information Security Breaches, BNA, Inc., Privacy & Security Law Report: Volume 6, No. 14, pp. 559–562 (April 2, 2007) - Eighteenth Annual Institute on Privacy and Data Security Law, Thursday, June 15, 2017
How to Safeguard Privacy and Data Security in Corporate Transactions, Corporate Counsel (February 22, 2016) - Eighteenth Annual Institute on Privacy and Data Security Law, Thursday, June 15, 2017
Privacy & Information Security Law Blog: Global Privacy and Cybersecurity Law Updates and Analysis—Update: Cybersecurity - Eighteenth Annual Institute on Privacy and Data Security Law, Thursday, June 15, 2017
Lisa J. Sotto and Aaron P. Simpson, A How-To Guide to Information Security Breaches, BNA, Inc. Privacy & Security Law Report (April 2, 2007) - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
United States Government Interagency Guidance Document, How to Protect Your Networks from Ransomware - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
Hunton & Williams LLP Privacy & Information Security Law Blog: Global Privacy and Cybersecurity Law Updates and Analysis (Including Attachments: 1-2) - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
Federal Trade Commission, Start with Security: A Guide for Business, Lessons Learned from FTC Cases (June 2015) - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
United States Department of Health and Human Services, Fact Sheet: Ransomware and HIPAA - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
United States Government Interagency Guidance Document, Ransomware: What It Is and What To Do About It - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
Hunton & Williams LLP, Client Alert, Privacy and Data Security Due Diligence in M&A Transactions (May 2017) - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
U.S. Department of Justice, Federal Bureau of Investigation, Office of Private Sector, Cyber Awareness - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
Lisa J. Sotto and Aaron P. Simpson, United States, Getting the Deal Through: Data Protection & Privacy (2017) - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
United States Federal Government Fact Sheet, Cyber Incident Reporting: A Unified Message for Reporting to the Federal Government - Cybersecurity 2017: Managing Cybersecurity Incidents, Monday, September 18, 2017
Hunton & Williams LLP, Privacy & Information Security Law Blog: Global Privacy and Cybersecurity Law Updates and Analysis - Investment Management Institute 2018, Thursday, March 22, 2018
Lisa J. Sotto and Aaron P. Simpson, A How-To Guide to Information Security Breaches, BNA, Inc. Privacy & Security Law Report (April 2, 2007) - Investment Management Institute 2018, Thursday, March 22, 2018
Hunton & Williams LLP, Client Alert, Privacy and Data Security Due Diligence in M&A Transactions (May 2017) - Investment Management Institute 2018, Thursday, March 22, 2018
A How-To Guide to Information Security Breaches, BNA, Inc., Privacy & Security Law Report: Volume 6, No. 14, pp. 559-562 (April 2, 2007) - Nineteenth Annual Institute on Privacy and Data Security Law, Monday, May 07, 2018
Hunton & Williams Client Alert: Privacy and Data Security Due Diligence in M&A Transactions (May 2017) - Nineteenth Annual Institute on Privacy and Data Security Law, Monday, May 07, 2018
Privacy & Information Security Law Blog: Global Privacy and Cybersecurity Law Updates and Analysis: Cybersecurity Update - Nineteenth Annual Institute on Privacy and Data Security Law, Monday, May 07, 2018
Web Segment  Web Segment Cyber Attack Simulation - Cybersecurity 2017: Managing Cybersecurity Incidents, Friday, September 15, 2017
Cybersecurity Attacks: A Survival Guide - Nineteenth Annual Institute on Privacy and Data Security Law, Wednesday, May 30, 2018
MP3 Audio  MP3 Audio Cyber Attack Simulation - Cyber Attack Simulation, Friday, September 15, 2017
Cybersecurity Attacks: A Survival Guide - Cybersecurity Attacks: A Survival Guide, Wednesday, May 30, 2018
Transcripts  Transcripts Cyber Attack Simulation - Cyber Attack Simulation, Friday, September 15, 2017
MP4 - Mobile Video Seg  MP4 - Mobile Video Seg Cyber Attack Simulation - Cyber Attack Simulation, Friday, September 15, 2017
Technology in the Asset Management Industry, Wednesday, May 02, 2018
Cybersecurity Attacks: A Survival Guide - Cybersecurity Attacks: A Survival Guide, Wednesday, May 30, 2018
On-Demand Web Programs  On-Demand Web Programs Cybersecurity 2017: Managing Cybersecurity Incidents, Thursday, September 21, 2017, New York, NY
Investment Management Institute 2018, Monday, May 07, 2018, New York, NY
Nineteenth Annual Institute on Privacy and Data Security Law, Wednesday, June 06, 2018, New York, NY
Live Seminar  Live Seminar Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, New York, NY
Cybersecurity 2018: Managing Cybersecurity Incidents, Tuesday, November 06, 2018, San Francisco, CA
Twentieth Annual Institute on Privacy and Data Security Law, Monday, May 20, 2019, New York, NY
Cybersecurity 2019: Managing Cybersecurity Incidents, Friday, September 13, 2019, New York, NY
Cybersecurity 2019: Managing Cybersecurity Incidents, Tuesday, October 15, 2019, San Francisco, CA
Live Webcast  Live Webcast Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, New York, NY
Cybersecurity 2018: Managing Cybersecurity Incidents, Tuesday, November 06, 2018, San Francisco, CA
Twentieth Annual Institute on Privacy and Data Security Law, Monday, May 20, 2019, New York, NY
Cybersecurity 2019: Managing Cybersecurity Incidents, Friday, September 13, 2019, New York, NY
PLI Grpcast-Live Web  PLI Grpcast-Live Web Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, New Brunswick , NJ
Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, Cincinnati, OH
Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, Columbus, OH
Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, Nashville, TN
Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, Atlanta, GA
Cybersecurity 2018: Managing Cybersecurity Incidents, Friday, September 14, 2018, Indianapolis, IN
Share
Email

  • FOLLOW PLI:
  • twitter
  • LinkedIn
  • YouTube
  • RSS

All Contents Copyright © 1996-2018 Practising Law Institute. Continuing Legal Education since 1933.

© 2018 PLI PRACTISING LAW INSTITUTE. All rights reserved. The PLI logo is a service mark of PLI.