Sarah advises clients across the full spectrum of cybersecurity risk management, including proactive advisory and compliance services, risk assessments, technology contracts and vendor risk management, and security incident response.
As an ANSI-Accredited Certified Information Privacy Professional/United States (CIPP/US) from the International Association of Privacy Professionals (IAPP), Sarah has extensive experience guiding clients through the legal and business aspects of cyber risk mitigation.
She has performed hundreds of cybersecurity risk assessments for private equity portfolio companies and has advised a variety of organizations, from Fortune 500 companies to tech start-ups, across all industry verticals.
Clients appreciate Sarah’s ability to simplify the complex and handle high pressure situations with an even-keeled manner, focusing on pragmatic business solutions to cyber risk issues.
She is a frequent speaker and author on cybersecurity risk management topics and former adjunct cybersecurity law professor.
Experience
- Guiding clients through cybersecurity incident response
- Facilitating cybersecurity risk assessments
- Developing cybersecurity policies, procedures and governance programs to align with regulatory requirements
- Performing cybersecurity awareness and incident response readiness training and tabletop exercises
- Negotiating cyber risk issues in technology contracts (vendor and customer)
- Providing strategic advice during transactions involving cybersecurity risk
- Evaluating cyber liability insurance coverage
