Maida Oringher Lerner
Senior Counsel
Areas of Focus
- Cybersecurity, Privacy & Data Protection
- National Security & Global Investigations
- Government Contracts
- Digital Assets, Cryptocurrency & Blockchain
- Technology
- Transportation Policy & Regulation
- Regulatory
- Pro Bono
- Represents government contractors and critical infrastructure operators on cybersecurity and privacy matters.
- Regularly conducts cybersecurity training and incident simulations, develops response plans and leads privileged investigations.
Maida advises clients on cybersecurity and privacy compliance in a variety of sectors, including defense, energy, transportation, government contracts, health care and manufacturing. As part of an enterprise-wide compliance approach to evolving and complex security risks and standards, Maida helps clients mitigate the risk of cyber incidents through practicing responses to cyber and physical security incident simulations and developing incident response and insider threat plans and programs. Clients rely on her for practical and creative advice on new and complex regulatory requirements and government standards to protect sensitive and proprietary information. She also works closely with technical consultants on behalf of companies to conduct privileged vulnerability assessments and mitigation plans.
Maida regularly advises clients on developing legally compliant and efficient responses to data breaches and internal investigations and coordinates with technical experts after intrusions to conduct privileged forensic investigations. Her homeland security practice has a particular emphasis on critical infrastructure, chemical security, the SAFETY Act, and corporate compliance.
Maida also counsels clients on state data privacy laws. She has helped clients in a broad range of sectors stand up new and assess existing privacy programs, develop privacy policies and procedures, and comply with notification obligations in the event of a data breach.
Prior to moving to private practice, Maida served in the Office of General Counsel for a major electric utility company. She has participated in significant federal regulatory rulemakings and has represented clients in numerous proceedings before federal and state appellate courts and administrative agencies.
Maida is active in pro bono matters, with a focus on child custody issues.
- Advised government contractors and owners and operators of U.S. critical infrastructure on privileged cybersecurity, privacy and physical security risk assessments and compliance reviews.
- Advised clients in all U.S. critical infrastructure sectors on the development of cybersecurity and physical security policies, including incident response plans, insider threat programs, and governance frameworks.
- Facilitated simulated security incident exercises and developed training programs for owners and operators of U.S. critical infrastructure in all sectors to test response plans, in coordination with technical consultants under privilege.
- Advised clients in all U.S. critical infrastructure sectors on the development of enterprise-wide and global privacy policies, including privacy notices, user agreements and assessment of incident notification obligations.
- Represented a transportation sector trade association in securing competitive federal funding for a state-of-the-art cyber threat information-sharing network.
EducationJ.D., Boston University School of Law
B.A., University at Albany, State University of New York, summa cum laude
J.D., Boston University School of Law
B.A., University at Albany, State University of New York, summa cum laude
Bar AdmissionsDistrict of Columbia
New York
District of Columbia
New York
- International Association of Privacy Professionals
- Presenter, "Cybersecurity Table Top for a Congressional Cyber Security Lab Program," Wilson Center, Washington, D.C., June 10, 2016.
- “Critical Infrastructure: Updating the 2013 NIPP and other Risk Mitigation Actions,” Privacy and Cybersecurity Outlook: The 2024 Landscape, May 14, 2024.
- “The Impact Of The Cybersecurity Maturity Model Certification On The Defense Industrial Base,” Contract Magazine, May 1, 2024.
- “Solarwinds Whips Up a Software Cybersecurity Storm,” Contract Management Magazine, January 2024.
- “The Road To CMMC: Where We Started And Where We Are Headed,” Westlaw Today, Reuters, March 30, 2023.
- “Cybersecurity Provisions Proliferate in the National Defense Authorization Act,” Government Contracting Law Report, March 15 2022.
- “How To Comply With New Multiline Telephone System Rules,” Law360, February 9, 2022.
- “A New Flightpath For Cybersecurity,” ACC Docket, September 8, 2021.
- “Navigating The SolarWinds Supply Chain Attack,” The Procurement Lawyer, March 25, 2021.
- “Florida Water Cyberattack Shows Need For National Defense Response,” Bloomberg Law, February 23, 2021.
