Lisa Sotto


Named among The National Law Journal’s “100 Most Influential Lawyers,” Lisa Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New York office. She also serves on the firm’s Executive Committee. She has received widespread recognition for her work in the areas of cybersecurity and privacy. Lisa is recognized as a “leading lawyer” by The Legal 500 United States for cyber crime, data protection and privacy. She was named among the “Incident Response 30” by Cybersecurity Docket in 2018, and recently was named one of seven “Women in Security PowerPlayers” by SC Media. She also was voted the world’s leading privacy advisor in all surveys by Computerworld magazine and has received top rankings for privacy and data security by Chambers and Partners. Lisa serves as the Chairperson of the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee.

Featured as “The Queen of Breach” in an article by New York Super Lawyers Magazine, Lisa provides extensive advice on cybersecurity risks, incidents and policy issues, including proactive cyber incident readiness. Since 2005, she has advised clients on more than 1,600 cybersecurity and data breach incidents in the U.S. and abroad, including many of the world’s seminal events. She has handled numerous cyber incidents and data breaches involving industrial control systems, proprietary business information, and virtually every type of personal information. Lisa regularly meets with senior management to discuss cybersecurity legal developments, and has led numerous full board and audit committee discussions on these topics.

Lisa has been profiled in numerous publications including the Crain’s New York Business feature “Lawyer Goes Into the Breach” and the SC Magazine feature “Women of Influence.” She is the editor and lead author of the seminal legal treatise entitled Privacy and Cybersecurity Law Deskbook, published by Aspen Publishers, Wolters Kluwer Law & Business.

Lisa is chair of the New York Privacy Officers’ Forum and a former member of the Board of Directors of the International Association of Privacy Professionals. She received her J.D. from the University of Pennsylvania Law School, where she was an editor of the Law Review. Lisa received her B.A. from Cornell University, with Distinction in All Subjects. She is admitted to practice in New York.

My Sessions

Cybersecurity Oversight and Governance: Managing the Risk

Main Stage

Cybersecurity is now well understood to be a high-level governance issue. Boards of Directors have oversight responsibility for cybersecurity risks faced by the companies they supervise. In addition, the U.S. Securities and Exchange Commission (SEC) has taken an active role in recent years regulating businesses in connection with cyber risks and incidents, bringing significant and […]

Keynote Risk Management