Lance Taubin

• Advising a large Fortune 10 health care organization through a ransomware attack, helping to lead the incident response efforts.
• Advised a prominent telecommunications provider in developing a comprehensive cyber crisis response plan to address the evolving cyber threat landscape.
• Representing multiple financial services organizations in regulatory investigations and examinations related to the company’s cybersecurity program, including the New York state attorney general and New York Department of Financial Services.
• Advised various public companies in navigating recent SEC cybersecurity disclosure rules.
• Advised multiple Fortune 500 companies experiencing cybersecurity incidents, including ransomware attacks, requiring complex forensic investigation, and extensive data review and restoration processes, as well as in follow-on regulatory inquiries.
• Advised a large, franchised restaurant group in developing a comprehensive written information security program.
• Advised multiple premier private equity companies in connection with cyber, web scraping and data privacy diligence for M&A transactions.
• Assisted a national auto lender in evaluating its cybersecurity maturity and prepare for multistate financial examination, assessing its IT infrastructure and practices against the New York State Department of Financial Services cybersecurity requirements.
• Advised various companies, including companies in the fintech, social media, and retail spaces on compliance with CCPA.
• Advised an identity access provider on the implementation of biometric identification for authentication and use of data for machine learning.
• Advised multiple SEC-registered investment advisers, broker-dealers, and public companies on their cybersecurity policies and procedures, including their cyber disclosures.
• Assisted large retail, telecommunications, and financial services companies in tabletop exercises of clients’ incident response plans.

Lance Taubin advises clients on cybersecurity and data privacy issues, including cybersecurity breach preparedness and response, cybersecurity and privacy compliance and enforcement, managing cyber risk, technology transactions, and M&A diligence. Lance’s work includes working with companies to proactively plan for a crisis and develop strategies to improve cyber resiliency, responding to cybersecurity incidents effectively, providing privacy, cybersecurity and artificial intelligence product counseling, assisting organizations in building and operationalizing privacy and cybersecurity programs, and various privacy, cyber, and IT issues in technology transactions and M&A. Lance provides counsel to a variety of companies, from startups to large multinational public companies, in various industries, including financial services, health care, telecommunications, retail, and technology.

Before joining private practice, Lance served as the Senior Vice President – Assistant General Counsel & Data Security Officer at a global business travel group where he was responsible for advising the company on the ever-changing data privacy and cybersecurity legal and regulatory landscape, including the GDPR and the CCPA. Additionally, Lance managed various matters relating to M&A diligence and technology transactions. Lance also fielded and managed a wide range of legal issues and projects, working closely with IT, information security, product/engineering team, and other key internal departments.

Lance is a Certified Information Privacy Professional, United States (CIPP/US and CIPM).

Bar Admissions

• New York
• District of Columbia

Education

• Yeshiva University (J.D., 2013)
• University of Rochester (B.A., 2010)

Memberships