Skip to main content

Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About
Trending Topics
    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Entertainment & Media
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor, Employment, and Benefits
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations
    Industries

    View All

    • Aviation
    • Cannabis
    • Consumer
    • Energy
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Nonprofit Organizations
    • Real Estate
    • Sports & Stadiums
    • Technology
    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Environmental, Social, and Governance (ESG)

      We help clients create positive return on investments in people, products, and the planet.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    • Women in Dealmaking

      We provide strategic counsel on complex corporate transactions and unite dynamic women in the dealmaking arena.

    1. Home
    2. Insights
    3. Videos
    4. Cybersecurity and Data Breach Response

      Videos

    Cybersecurity and Data Breach Response

    April 1, 2025

    LinkedInX (Twitter)EmailCopy URL

    By Jenny Holmes and Jason Kravitz

    Guests Tony Martino and Rolin “Bud” Peets share best practices for investigating, mitigating, and remediating cybersecurity and data breach incidents on “A Little Privacy, Please!”

    A Little Privacy, Please!

    Guests Tony Martino and Rolin “Bud” Peets share best practices for investigating, mitigating, and remediating cybersecurity and data breach incidents on “A Little Privacy, Please!”

    Welcome to another episode of “A Little Privacy, Please!”

    Today, we’re thrilled to introduce two guests we regularly collaborate with in the real world: Tony Martino, President of Anjolen, and Rolin “Bud” Peets, Chief Protection Architect at Harbor IT. Each of us brings a unique set of experiences to our clients, helping them investigate, mitigate, and remediate cybersecurity and data breach incidents. In today’s episode, we discuss best practices and insights for handling these breach situations.

    So, Tony and Bud, welcome to the show—let’s dive right in!

    Let’s begin by outlining your respective roles in a cybersecurity and data breach incident.

    Rolin “Bud” Peets (RBT): We’ll use our last big case as an example because it was really all-encompassing.

    Harbor IT came in after we received a call that one of our brand-new customers was in trouble due to a potential incident. Harbor IT helps contain, identify, and conduct initial investigations regarding the threat actor involved in that particular incident. That’s the IT side. Separate from that is Harbor IT Cyber, which I lead. I stepped in from a cybersecurity and data privacy perspective. I’m certified in both and try to straddle that fence.

    We quickly realized we had issues that would likely lead to some type of reporting, and we weren’t entirely sure what was happening in the customer’s tenant. We needed expertise, like forensics expertise, and that’s where we all came together.

    Tony, Anjolen, and their great team, along with Jenny Holmes and Nixon Peabody, were fantastic. We pulled those pieces together, and that’s how we partner on these things. We move quickly, recognizing the significance and getting the right people involved. We facilitate the response and remediation. Now we’re fully engaged in IT management from a Harbor IT perspective, and I’m building out their security program.

    Tony Martino (TM): Anjolen comes to the table in these types of incidents very much on a cybersecurity incident response basis. Our skillset is rooted in cybersecurity assessments, penetration tests, risk assessments, and vulnerability assessments. We bring a whole suite of incident response capabilities to the client. Most specifically, as Bud mentioned, digital forensics.

    It’s our ability to examine the evidence and artifacts left after an incident has occurred, helping our client understand how the threat actor gained access, compromised, breached, etc. We then collectively assist them in plugging those holes and mitigating those gaps.

    Lastly, using our skills, especially digital forensic skills, we help the customer recover where possible, retrieve lost data, and get their entire operation back on track.

    If you could offer just one crucial piece of advice to a company or organization aiming to avoid becoming the next data breach victim, what would it be?

    TM: The one thing is protecting your data. Cybersecurity is so holistic. There are so many things to pay attention to, including physical security and data security, both external and internal. To me, if you can lock up and protect your information through a process we normally refer to as encryption, wherever that data is—whether at rest, in storage, or being transmitted to another party, a customer, a vendor, or an employee—using high-level modern encryption to protect and secure data wherever it lies is probably the greatest thing you can do to secure it.

    Could you elaborate on how encryption is used to protect data? Additionally, are there instances where bad actors can exploit encryption?

    TM: Like so many tools, encryption can be a double-edged sword.

    So, how is it used? Practically, encryption at its core is taking information and scrambling it. The key to unscramble it is very sophisticated and, with modern encryption, just can’t be done by a threat actor at will.

    So, thinking about if I need to transfer sensitive information about my employees to the company that handles our payroll, taking that data and securing it using strong encryption so that as it’s passing through the email system, passing through the internet, even when it lands at the payroll company’s computers, we want to control who is allowed to access it and who’s allowed to turn it back into that humanly readable data. And strong modern encryption can do that for us.

    It can also help protect even against physical theft using encryption on phones and laptops and external media like thumb drives. Should any of those get lost or stolen, encryption could ensure that no one else can discover the data.

    Can encryption be used against us? Unfortunately, the answer is yes, most commonly referred to as ransomware, which is where a threat actor intrudes on a customer’s network or data storage location and encrypts their data, the customer’s data, the target’s data in a manner that can’t be reversed easily, and the threat actor then holds that data hostage for ransom until the victim pays up.

    So yeah, encryption is our savior, but sometimes it can also be a threat as well.

    Data backups are crucial for an organization to recover and resume operations after a breach. What advice would you give to a smaller company or nonprofit, which may not have a large IT team or budget, how should they set up their backups to ensure they can seamlessly get back to business after an attack?

    RBM: To me, it’s crucial for any company, whether small or large, to know what data they collect, store, process, and transmit. For example, personally identifiable information or business confidential data. The key is knowing what it is, where it is, and whether you are backing it up.

    If you’re hybrid, like most organizations now, make sure that your MSP or third-party service provider is backing it up for you. Don’t assume they are; it may be an additional service you have to purchase. Know where it is, know what it is.

    Additionally, consider your obligations from a regulatory or legal perspective regarding retention. I fully believe in the minimization of data and systems—the less you have, the better off you are. Hopefully, these concepts come together to help minimize risk for an organization.

    Regarding backups, use reputable cloud-based service providers or some other type of replication that will protect you and your data from being impacted by ransomware.

    We’ve been discussing a breach we recently worked on together, and I noticed that both of you mentioned the hacker didn’t fit the typical profile. What would you say defines a “typical” hacker these days, and what trends are you observing?

    TM: I say this almost tongue in cheek; I tell people, these aren’t your father’s or your grandfather’s hackers anymore.

    We have this notion in our head, largely driven by media and movies, of hackers being teenage kids living in their mother’s basement, wearing a dark hoodie, no lights on, and really just poking around, not for a reason. Maybe just for the fun of it, maybe just to prove they can, occasionally to get someplace that’s of value to them, like changing their high school grades.

    That’s not what we’re facing anymore in the world. Today, it’s a business. Hackers are very well organized. In some cases, they’re nation-state backed—you’re talking about an entire country training, funding, and equipping a team of hackers the same way you would train, fund, and equip a military group. That’s what we’re facing.

    And the name of the game today, in some places, are things like national secrets and espionage. But for our purposes and the clients we work with, the name of the game normally is money. And these are very, very efficient operations of highly skilled people who are operating like any large corporation you deal with. They have policies and procedures, and they have training programs and certifications. And it’s not as simple as just trying to shake off a 15-year-old who has a thing for your business and just keeps poking at you because they either don’t like you or they saw your sign driving down the street. We’re facing adversaries now with means and skills and talents that, in many cases, overwhelm many customers’ abilities to defend against them.

    A Little Privacy, Please!

    Practices

    Cybersecurity & Privacy

    Insights And Happenings

    • Video

      Professor Mary Anne Franks on Privacy and the First Amendment

      Cybersecurity & Privacy
      April 21, 2025
    • Alert

      FCC partially delays new TCPA consent revocation rules

      April 11, 2025
    The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • Cookie Preferences
    • Privacy Policy
    • Terms of Use
    • Accessibility Statement
    • Statement of Client Rights
    • Purchase Order Terms & Conditions
    • Nixon Peabody International LLC
    • PAL
    © 2025 Nixon Peabody. All rights reserved