Full-Service Law Firm solving complex challenges through bold thinking, precise execution, and shared purpose.

Full Service Law Firm | Michael Best & Friedrich LLP

Specializing in the Intersection of Business &amp; Government

Meet our team of trusted advisors, strategic thinkers, and community builders dedicated to client success.

Learn about our full-service legal and business solutions, designed to address complex challenges for leading organizations across industries.

Access thought leadership, news, and resources to stay informed about the latest trends, legal developments, and industry innovations.

Discover how partnership, bold thinking, and precise execution drive results for clients nationwide.

Explore how our national reach and local expertise support clients across the United States and beyond.

Grow at a firm designed to bring out your best.

core/heading

Privacy and cybersecurity are top concerns in today’s boardrooms. Cyberattacks are becoming more commonplace. Companies are being fined millions of dollars for poor data handling practices, and in the process, losing clients. Businesses need legal partners who understand both the technical and regulatory landscapes.

core/paragraph

Michael Best’s Privacy &amp; Cybersecurity team provides legal counseling to support risk mitigation strategies and help clients to stay ahead of emerging threats. Our cross-disciplinary team advises on privacy and cybersecurity strategy, compliance, incident response, and litigation.

We work with global enterprises, startups, and public institutions to build resilient programs that align with business goals and regulatory demands.

Our Approach: Practical Counsel. Regulatory Insight. Real-World Experience.

Our attorneys have in-house experience and extensive backgrounds working with the highest levels of federal, state, and regulatory agencies. We also work with all sizes and types of clients, including those in heavily regulated or critical infrastructure industries such as communications, energy, financial services, healthcare, retail, and information technology. This gives us a combination of advanced insight into the thinking of regulators and direct experience in solving real-world privacy and security challenges.

We become an integral member of your team to develop, implement, and maintain a reliable corporate cybersecurity strategy. Our proactive approach involves assessing how data is managed identifying vulnerabilities and help build a customized compliance program to meet your, and your clients' specific needs.

If incidents do occur, we respond swiftly and strategically. Our team guides clients through breach management, regulatory investigations, and litigation support, working closely with internal stakeholders and external partners to contain risk, preserve privilege, to help protect your reputation.

Regulatory Compliance &amp; Date Protection

Michael Best provides full-service compliance counseling across the evolving spectrum of global privacy and cybersecurity law, under U.S. federal and state regulations and industry standards (e.g., CAN-SPAM, COPPA, GLBA, HIPAA, NYDFS, PCI-DSS, and FTC/FCC regulation); European Union regulations, including General Data Protection Regulation (GDPR); and Latin America and Asia-Pacific regional standards.

We take an innovative approach to managing regulatory issues, with the Best Privacy &amp; Cybersecurity Toolkit, an online platform that helps our clients manage compliance with a variety of regulatory frameworks, including the NIST Cybersecurity Framework and GDPR.

We also provide counsel on privacy and cybersecurity e-commerce issues including CAN-SPAM, TCPA, Do Not Call, E-Sign, internet privacy, and many others, keep our clients compliant with changes to rules and regulations, enabling our clients to achieve their business objectives.

contentpilot/accordion

Incident Preparedness &amp; Response

We help clients prepare for, respond to, and recover from cybersecurity incidents. Our services include developing tailored incident response plans, conducting on-site tabletop exercises, managing breach remediation, and supporting third-party investigations or claims.

When a breach occurs, we partner with trusted forensic and crisis management professionals to investigate and contain the incident, preserving attorney-client privilege throughout the process.

Our tabletop exercises are customized to reflect each client’s business, team structure, and risk profile. These simulations not only test readiness but also inform updates to response plans, helping clients mitigate future risk and meet evolving regulatory requirements.

Governance &amp; Risk Management

We help clients build strong governance frameworks and risk mitigation strategies that align with their business goals. Our integrated approach includes developing customized policies, procedures, and risk assessments designed to reduce exposure, support compliance, and protect reputational value.

Investigations, Dispute Resolution &amp; Litigation

We assist clients throughout internal audits and investigations, third-party disputes, federal and state government investigations, and regulatory enforcement actions, helping them navigate federal and state agencies and external auditors.

Our team also focuses on stakeholder preparation and counseling, working with individuals who are externally facing, to prepare them for media spotlight, testimony, depositions, and other public statements.

We strategically partner with our litigation team to provide clients with a full range of resources if litigation is imminent. Our team advises and provides support to the litigation team throughout

the process, assisting with case evaluation, discovery and settlement strategy, evaluating the merits of the claim, seeking indemnification where available, tendering to cyber insurance carriers and following protocols, all to achieve a beneficial outcome for our clients.

Supply Chain &amp; Vendor Management

We advise clients on privacy and cybersecurity risks throughout the vendor lifecycle, from pre-contract due diligence and contract negotiation to post-contract audits and exit strategies. Our team helps assess third-party risk, draft and negotiate data protection terms, and ensure ongoing compliance with contractual and regulatory obligations.

Emerging Technologies

As clients develop or adopt new technologies, we help them align innovation with evolving legal and regulatory expectations. Our team integrates privacy and cybersecurity considerations from the outset, applying the principles of Privacy by Design and Default to reduce risk and support long-term compliance.

Education &amp; Training

We help clients build a strong first line of defense by developing structured training programs that raise awareness of key privacy and cybersecurity risks. Our programs are tailored to your organization’s operations and culture, empowering employees to recognize threats, follow best practices, and support compliance efforts across the enterprise.

Interactive Gaming &amp; Online Sports Books

We counsel gaming industry clients on crucial privacy and data security issues, creating customized compliance programs that mitigate risk and support growth. We advise on the full spectrum of privacy and cybersecurity regulations at the state, federal, and global levels. Our experience includes developing privacy policies and terms of service that address gaming regulations across multiple states; counselling on issues related to third-party data transfers; and data breach incident preparation and response.

Represented various clients in assessing and responding to data breaches, managing multi-state breach notifications, including notification to regulators, and providing credit monitoring.

core/media-text

Negotiated data aggregation agreement between client and major financial institution to allow sharing of financial institution customer information with third parties.

Counseled on sharing of financial institution nonpublic personal information with non-affiliated third parties under joint marketing agreements and service provider agreements in order to increase and refine targeted marketing efforts

core/list-item

Advised on FCRA issues relating to firm offers of credit involving financial institution, credit bureau, and multiple service providers

core/list

Close-up of digital icons showing locks and binary code on illuminated keys, highlighting cybersecurity and data protection.

Privacy & Cybersecurity

Key Contact

Trending Conversations for Privacy & Cybersecurity

Michael Best Welcomes Elizabeth Wamboldt as Senior Counsel in Milwaukee, WI Office

Michael Best Recognized in 2026 “Best Law Firms” Rankings with Multiple National and Metropolitan Tier 1 Honors

Small Data Poisoning Can Compromise Large AI Models

Key Contact

Trending Conversations for Privacy & Cybersecurity

Michael Best Welcomes Elizabeth Wamboldt as Senior Counsel in Milwaukee, WI Office

Michael Best Recognized in 2026 “Best Law Firms” Rankings with Multiple National and Metropolitan Tier 1 Honors

Small Data Poisoning Can Compromise Large AI Models

Slide Menu

Slide Search