As chair of the Cybersecurity & Data Privacy practice at Woods Rogers Vandeventer Black (WRVB), Beth’s practice is fully devoted to cybersecurity and data privacy. Clients ranging from local government and state agencies to mid-market firms and Fortune 200 companies depend on Beth for advice and counsel. Her clients span industries such as banking, healthcare, manufacturing, high-tech, and energy. She has deep experience counseling clients pioneering new technologies, including in the intersection of artificial intelligence (AI) with privacy regulatory concerns.

Beth’s credentials in the field are extensive. She is a certified Privacy Law Specialist by the International  Association of Privacy Professionals (IAPP), which is accredited by the American Bar Association. In addition, she is a Certified Information Privacy Professional with expertise in both U.S. and European law (CIPP/US & CIPP/E) and a Certified Information Privacy Manager (CIPM), also from the IAPP.

In addition to client work, Beth contributes thought leadership across the cybersecurity and data privacy communities. In 2022, Beth was appointed by the Governor of Virginia to the Commonwealth’s first Cybersecurity Planning Committee for local and state governmental entities. Beth writes extensively for OneTrust Data Guidance on the nuances of Virginia’s new data privacy law as a OneTrust Data Privacy Expert. Beth is also a frequent contributor to the national cybersecurity journal Dark Reading, where she writes about the intersection of law, privacy, cybersecurity, and technology.

Beth has been recognized repeatedly in lawyer-ranking publications including Best Lawyers in America, Virginia Super Lawyers, and Virginia Business. Virginia Lawyers Weekly has named her an “Up & Coming Lawyer” and an “Influential Women in Law.” She has been featured as a data privacy expert by OneTrust Data Guidance in their international magazine spotlighting global privacy professionals.

Representative Experience

Cybersecurity Incident Response Experience

  • Beth specializes in critical infrastructure incident response. This experience has made her adept at guiding rapid recoveries after ransomware incidents, having led dozens of ransomware recoveries across a broad range of industries and in the critical governmental sector.
  • Beth has managed high-stakes cyber incidents as lead breach counsel in the financial, healthcare, energy, and governmental sectors and knows firsthand the nuanced interplay of industry-specific regulations such as GLBA, HIPAA, and NERC CIP on cybersecurity incident response. Beth is a hands-on leader, diving into the details of network maps and IT asset inventories alongside clients and elite forensic teams to rebuild a downed enterprise quickly and efficiently. She has engaged some of the best forensic and crisis communication teams in the country on behalf of her clients, using deep experience to quickly navigate the uncertainty after a cyber incident.
  • She has counseled public companies on “materiality” determinations under the Securities and Exchange Commission and has assisted in the rapid drafting of 8-K and 10-Q publications. Beth has experience serving as special counsel to audit committees and board executive committees during ransomware incidents.  She has helped entities navigate ransom payment considerations, including OFAC concerns.

Privacy Compliance Experience

  • Beth has helped companies build privacy programs from the ground up and led major regulatory compliance rollouts including those under GDPR, UK GDPR, PIPEDA, CIPL, LGPB, CCPA, and beyond. Beth specializes in business to business (“B2B”) privacy compliance programs, with deep experience in the special nuances associated with the B2B arena.
  • She has drafted data impact assessments, privacy impact assessments, privacy policies, and has built programs applying “privacy by design.” She works with her clients daily to spot privacy risks associated with their businesses both local and global.
  • She helps clients navigate data transfers to and from the U.S., including by navigating standard contractual clauses and transfer impact assessments.
  • Beth works with those pioneering ad tech and behavioral advertising to assist in compliance related to business development.

Cybersecurity & Privacy Contract and M&A Experience

  • With the rise of third-party vendor risk, Beth has developed third-party vendor / supplier vetting programs including by building out vetting programs for large-scale procurement departments.
  • On high-stakes contracts, Beth is often brought in by global legal departments to negotiate cyber and privacy-related risks. In this capacity, she has negotiated countless information security addendums, data privacy supplements, and both vendor and customer-facing security and privacy contracts on both the customer and supplier side. Beth’s team is accustomed to serving as “overflow support” for the tech lawyers on the in-house legal team, working to seamlessly provide support to the business and legal teams for her clients.  She also has assisted clients on privacy-related M&A issue spotting, deal terms, and due diligence.

Cybersecurity Resilience and Cyber Insurance Experience

  • Beth is a strong proponent of cyber resilience efforts and often advises on cyber insurance on behalf of her private clients. She counsels clients on the protective measures they can take before a cybersecurity crisis strikes, often providing advice to the C-Suite, Audit Committees, and Board of Directors. In this way, she is truly a “CISO’s lawyer.”

Thought Leadership

Published Articles

Attorney Perspectives

Featured Posts

Speaking Engagements

  • Strafford | Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements
    April 25, 2024
  • Strafford GC’s Role in Ransomeware, Cyber Insurance Webinar
    February 29, 2024
  • 2024 ODBA Winter Meeting | Generative AI in the Legal Profession: A Legal Perspective on Artificial Intelligence Risk, Remedies, and Governance
    February 2, 2024
  • Events 4 Sure - Global Legal & IP Education | The Compliance Chasm: Business Practicality vs. Consumer Privacy Acts
    November 29, 2023
  • VCU School of Business: Risk Management and Insurance Program | Living on the Edge: The Intersection of Artificial Intelligence and Cybersecurity
    September 21, 2023
  • VBA Annual Corporate Counsel Fall Forum | Virginia Data Protection Law Update
    September 15, 2023
  • (ISC)2RVA August 2023 Chapter Meeting | Buckling in for the Wild Ride: Cyber Insurance, Incident Response, and Preparing for an Actual Breach from a Legal Perspective
    August 31, 2023
  • Commonwealth of Virginia Security Conference | Rogue Cybersecurity: Examining AI and Risk from a Legal Perspective
    August 17, 2023
  • Federal Bar Association and MyLawCLE | Strengthen Data Privacy Compliance: The Who, What, Why, Where and How of Data Processing Agreements.
    July 27, 2023
  • North American Association of State and Provincial Lotteries in Professional Development | Keynote Speaker on Cybersecurity & Data Privacy
    July 18, 2023
  • Multi-State Information Sharing and Analysis Center | Understanding the Cyber Incident Response Battlespace
    July 11, 2023
  • The Global GRC, Data Privacy & Cyber Security ConfEx | Navigating Privacy, GRC, and Security in Today’s Business Environment
    June 28, 2023
  • FBI Executive Cyber Summit | Legal Panel
    June 21, 2023
  • Virginia Commonwealth University SCMA Symposium | Keynote Speaker on Cybersecurity
    April 14, 2023
  • rvatech CyberConVA | Decomposing a Breach Response, Panel Moderator
    February 28, 2023
  • Virginia Corporate Security Symposium (CSS) | Ransomeware: A Case Study
    February 23, 2023
  • Council of School Attorneys (COSA) | The Role of School Board Counsel in Cybersecurity Incidents
    November 16, 2022
  • Sailpoint | Cyber Insurance, Incident Response Vetting, and Finding True Solutions to 2022 Threats
    November 2, 2022
  • Virginia Cyber Security Partnership, Virginia Alliance for Secure Computing And Networking, VCU Cybersecurity Center | 2022 Cybersecurity Career Panel
    October 28, 2022
  • Innovate 2022 Conference | Security: What Different Industries Are Doing to Protect You
    October 21, 2022
  • Mid-Atlantic Financial Services Cybersecurity Consortium | Ransomware and the Financial Sector
    October 18, 2022
  • Mandiant Worldwide Information Security Exchange (mWISE™) | Navigating the New Normal In Cyber Insurance: From Application to Ensuring Robust Coverage
    October 18, 2022
  • Stafford Webinars | Ransomware, Cyber Insurance, and the GC’s Role: Current Executive Order, Risks Related to Payment, FBI Guidance
    September 27, 2022
  • Virginia Society of CPAs 52nd Annual Virginia Accounting & Auditing Conference | Plan Sponsor’s Perch With a Participant Perspective for Retirement Plan Best Practices
    September 26, 2022
  • Sailpoint | Cybersecurity Insurance Webinar
    September 21, 2022
  • VCU School of Business Risk Management and Insurance Program | Cybersecurity in 2022: Examining an Evolving Threat Landscape from Incident Response to Building Resilience
    September 9, 2022
  • Commonwealth of Virginia 2022 Information Security Conference | Cyber Resilience: Turning Your Enterprise Into a Phoenix Rising From the Virtual Ashes
    August 18, 2022
  • 15th Annual MS-ISAC Meeting | Lessons from the Life Cycle of a Cyber Incident – Expert Perspectives on What to Do Before, During, and After Experiencing a Cyber Incident
    August 10, 2022
  • Legal Talk Network: Digital Detectives | Advice for Law Firms from a Data Breach/Privacy Lawyer
    July 28, 2022
  • American Intellectual Property Law Association Spring Meeting | Responsibility of Attorneys to Develop and Maintain Tech Knowledge
    May 18, 2022
  • Virginia School Boards Association Hot Topic Conference | Cyber Security Incident Response 101
    April 20, 2022
  • Strafford | Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements: Limits to Liability, Indemnification
    February 24, 2022
  • VCU School of Business Risk Management and Insurance Program | Into the Breach: Navigating the Risk of Sensitive Data
    September 21, 2021
  • HIMSS Virginia Chapter - Annual Fall Conference | Double Extortion: Responding to Ransomware Incidents from a Lawyer’s Perspective
    September 15, 2021
  • Virginia Bar Association Summer Meeting | Into the Breach: Practical Guidance on Cybersecurity Incidents
    July 23, 2021
  • Central Virginia Small Business Development Center | Panel: Future Proofing Your Business with Blockchain
    July 7, 2021
  • Commonwealth Information Security Council Information Security Conference | 2021 Cybersecurity Reboot – Tools for building a cyber resilience
    June 24, 2021
  • OneTrust | Virginia CDPA Lands: What You Need To Know
    March 4, 2021
  • Sycom Technologies & Woods Rogers | Ransomware Readiness and Response
    February 9, 2021
  • Women in E-Discovery Richmond Chapter | Cybersecurity & E-Discovery
    January 27, 2021
  • HIMSS Virginia Chapter | What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management
    January 26, 2021
  • Virginia Bar Association | Blockchain: The Intersection of Emerging Technology and an Evolving Legal Landscape
    January 22, 2021
  • Virginia Chapter of the American Society for Healthcare Risk Management | Cybersecurity & Privacy 2020: A Quick Look at Current Concerns
    December 17, 2020
  • Innovate Lynchburg | Real World Cyber… what’s REALLY going on?
    November 17, 2020
  • AICPA Employee Benefit Plans Conference | Cybersecurity Incident Response: A Walk Through A Data Breach
    November 10, 2020
  • Virginia Bar Association Intellectual Property and Information Technology Section | Attack of the IoT Zombies: Confidentiality, Cybersecurity, and a Lawyer’s Duty
    October 29, 2020
  • RVATech Talks | Richmond Technology Podcast
    August 9, 2020
  • RVA Tech Data Summit | Cybersecurity & Data Privacy
    March 11, 2020
  • 2019 FireEye Cyber Defense Summit | Navigating the Labyrinth: A Guide to Board of Director Cybersecurity Legal Risk
    October 9, 2019
  • HalfMoon Education Inc. | Cybersecurity Issues for Engineers
    September 25, 2019
  • Kentucky Credit Union League | Cybersecurity Risk from a Legal Perspective: Top 10 Tips
    July 17, 2019
  • Dark Reading Virtual Summit | Panel: The First 24 Hours: Advice to First Responders in a Critical Data Breach
    June 26, 2019
  • 2019 IG3 Mid-Atlantic Conference | Panel: Cybersecurity, Privacy & Data Protection
    June 23, 2019
  • Virginia Information Technology Agency (VITA) | Cybersecurity & Data Privacy
    June 5, 2019
  • Council of Independent Colleges in Virginia | Higher Education Legal Update
    May 22, 2019
  • Annual VA Health Information and Management Systems Society | H.I.T. Advocacy Day
    March 14, 2019
  • Virginia Credit Union League | Cybersecurity | Regulations & Compliance
    November 6, 2018
  • Charlottesville Chamber of Commerce | Mission Possible: Cybersecurity Education & Defense for the Rest of Us
    October 25, 2018
  • ACEC HR Forum | The Role of Human Resources in Securing the Workplace
    October 16, 2018
  • General Counsel Roundtable | Cybersecurity
    September 26, 2018
  • VT Roanoke Center Facts & Snacks | Cybersecurity and Privacy
    August 30, 2018
  • CICV Conference for Chief HR Directors & Chief Financial Officers | Top Challenges in Cybersecurity Facing Higher Education in the 21st Century
    June 14, 2018
  • CICV Technology Conference for Chief Information Officers | Cybersecurity
    May 18, 2018
  • Virginia Community College System Information Security Officer Conference | General Data Protection Regulation
    May 17, 2018
  • Virginia Association of Defense Attorneys—Spring Sections Seminar | Advances in Electronic Medical Records: Key Tactical Issues
    May 10, 2018
  • Virginia Tech Corporate Research Center | European Union General Data Protection Regulation
    April 24, 2018
  • Commonwealth of Virginia Information Security | Privacy and Security from a Legal Perspective
    April 13, 2018
  • Virginia State Bar CLE: Annual Real Estate Seminar | Cybersecurity, Ethics and Real Estate Law
    March 2, 2018
  • 12th Annual VA Health Information and Management Systems Society H.I.T. Advocacy Day | Cybersecurity Planning: Insurance & Working with Outside Legal Counsel
    January 25, 2018
  • Virginia Bio | Cybersecurity Incident Response (Webinar)
    January 16, 2018

Seminars + Events

  • 2019 Labor and Employment Seminar Series
    October 2 - November 5, 2019
  • 37th Annual Labor & Employment Seminar Series
    September 20 - October 17, 2018
  • Key Legal Issues in Higher Education
    March 1, 2018

Recognition