Managing the hypercomplexity of cyber security regulation: In search of a regulatory Rosetta Stone

Author's Biography

F. Paul Greene is a partner and the Privacy & Data Security Practice Group Leader at Harter Secrest & Emery LLP. Paul represents clients in a wide range of industries concerning all aspects of proactive preparation and risk management, including security and vulnerability assessments, policy and procedure review, breach response planning and drills, as well as board and management education on cyber risk and privacy issues. Post-breach, Paul and his team provide a full array of reactive services, including breach coaching and response, crisis management and communication, internal and governmental investigations, breach notification and potential litigation or regulatory action including under the EU’s General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA) and the upcoming California Consumer Privacy Act (CCPA). Paul is a Certified Information Privacy Professional/ United States (CIPP/US) recognised by the International Association of Privacy Professionals (IAPP) and is a Distinguished Fellow of the Ponemon Institute. He has also been recognised by Chambers USA: America’s Leading Lawyers in Business since 2015 for his strong reputation and knowledge, especially in the field of complex commercial litigation. He publishes and speaks internationally on privacy and information security issues and is an adjunct professor at the Rochester Institute of Technology, teaching information security policy and law to computer science and cyber security students, both on the graduate and undergraduate levels. Paul received his JD from Fordham University, his PhD from New York University and his BA from the University of Rochester.