Beth Burgin Waller is a cybersecurity and data privacy attorney who uses her significant experience in technology to counsel clients on cybersecurity risk management, incident response, and privacy laws.
As chair of the Cybersecurity & Data Privacy Practice at Woods Rogers, Beth’s experience on the intersection of technology and the law is extensive. Beth is a Certified Information Privacy Professional with both U.S. and Europe designations (CIPP/US & CIPP/E) and a Certified Information Privacy Manager (CIPM) from the International Association of Privacy Professionals (IAPP).
Clients ranging from Fortune 200 companies to municipalities and universities, and spanning industries such as manufacturing, healthcare, banking, and energy depend on Beth for advice and counsel on risk management, data security, and regulatory compliance. Beth also advises clients in high-tech fields such as biotechnology and software development and has worked with clients pioneering new technologies such as blockchain and IoT devices.
Beth has been on the frontlines when an organization’s worst security fears are realized. She specializes in critical infrastructure cybersecurity incident response, with experience leading teams bringing complicated systems back online after cyber attacks. Beth has led cyber crisis management responses across different industries and has experience with the intersection of NERC CIP, GLBA, and HIPAA with cybersecurity incident response.
Beth is hands-on and leads a team of seasoned security professionals that dive into the nuances of network maps and IT asset inventories alongside clients and technical forensic incident response teams to quickly rebuild a downed enterprise. In this way, she is truly a “CISO’s lawyer.” These cyber incidents have given her insight into what an organization must do to become truly cyber resilient. She counsels her clients—including briefing their Boards of Directors—on the protective measures they can take before a cybersecurity crisis strikes.
With the rise of third-party vendor risk, Beth developed supplier vetting programs and often negotiates cyber and privacy risks associated with contracting. From data protection/information security addendums to high-stakes technology contracts, companies often hire Beth as outside general counsel to help their legal departments navigate cybersecurity and privacy risks.
In the field of privacy, Beth has helped companies build privacy programs from the ground up and led major regulatory compliance rollouts. Beth vets data impact assessments, privacy impact assessments, privacy policies, and the implementation of new technology on business operations and privacy compliance. From software applications to websites to even trade show attendance, Beth has experience navigating the complicated world of international and local privacy laws and regulations.
In 2021, Beth was named as a OneTrust Data Guidance expert in the field of data privacy in Virginia. Beth’s reputation as a leader in technology and the law is further evidenced by her appointment and election to leadership positions in both of the major bars of the Commonwealth: the Virginia State Bar and the Virginia Bar Association. In 2019, Beth was appointed to serve as Vice-Chair of the Virginia State Bar’s Special Committee on Technology and the Future Practice of Law. She previously chaired the Committee’s subcommittee on cybersecurity. In 2021, she was named to the Virginia Bar Association’s Intellectual Property and Information Technology Section Council. She also served for eight years as an adjunct professor of law at Washington and Lee University Law School, teaching technology-focused classes to law students.
Beth has been recognized repeatedly in Best Lawyers in America listings. She has been named a Virginia Super Lawyers Rising Star in multiple categories and Virginia Business magazine has ranked her in their Legal Elite listings. In 2017, she was named a Virginia Lawyers Weekly “Up & Coming Lawyer,” one of 15 attorneys selected across the Commonwealth for this distinction.
Beth is a frequent contributor to the national online cybersecurity journal Dark Reading, where she authors articles on cybersecurity’s and data privacy’s legal risks.
Beth graduated magna cum laude from Hollins University, with honors in creative writing, where she was also student body president. Beth attended the Sorensen Institute for Political Leadership at the University of Virginia before earning her law degree from the College of William & Mary.
American Bar Association
Virginia Bar Association
Intellectual Property and Information Technology Section Council
Virginia State Bar
Special Committee on the Technology and Practice of Law
Certified Information Privacy Manager (CIPM)
Certified Information Privacy Professional with a European designation (CIPP-E)
Certified Information Privacy Professional with a U.S. designation (CIPP-US)
Washington and Lee Law School
- Mission Critical: What Really Matters in a Cybersecurity Incident, Dark Reading, June 17, 2021
- Virginia Takes Different Tack Than California With Data Privacy Law, Dark Reading, February 18, 2021
- To Pay or Not to Pay: Responding to Ransomware From a Lawyer’s Perspective, Dark Reading, November 17, 2020
- Ransomware from Your Lawyer’s Perspective, Dark Reading, June 16, 2020
- SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit, Dark Reading, December 5, 2019
- How Network Logging Mitigates Legal Risk, Dark Reading, September 23, 2019
- The California Consumer Privacy Act’s Hidden Surprise Has Big Legal Consequences, Dark Reading, August 13, 2019
- Attack of the Zombie Fitbit, Lynchburg Business Magazine, June/July 2019
- A Lawyer’s Guide to Cyber Insurance: 4 Basic Tips, Dark Reading, July 12, 2019
- Incident Response: 3 Easy Traps & How to Avoid Them, Dark Reading, May 23, 2019
- How to Help Your Board Navigate Cybersecurity’s Legal Risks, Dark Reading, April 30, 2019
- Data in Danger, Lynchburg Business Magazine, August/September 2018
- Fire Where There is No Flame: The Constitutionality of Single-Sex Education in the Commonwealth, William & Mary Journal of Women and the Law
Electronic Discovery – W&L Law – Fall 2018
Before the Breach: Time to Get Serious About Cyber Resilience | June 15, 2021
Governor Signs Virginia Consumer Data Protection Act | March 3, 2021
Virginia Is Likely Second State to Pass a Major Data Privacy Act | February 5, 2021
Data Privacy 2021: Looking Back and Planning Ahead | January 7, 2021
Cybersecurity in 2019: A Look Ahead | December 18, 2018
Assess – Improve – Prevent | October 31, 2018
HIMSS Virginia Chapter - Annual Fall Conference | Double Extortion: Responding to Ransomware Incidents from a Lawyer’s Perspective | September 15, 2021
Virginia Bar Association Summer Meeting | Into the Breach: Practical Guidance on Cybersecurity Incidents | July 23, 2021
VCU School of Business Risk Management and Insurance Program | Into the Breach: Navigating the Risk of Sensitive Data | September 21, 2021
Central Virginia Small Business Development Center | Panel: Future Proofing Your Business with Blockchain | July 7, 2021
Commonwealth Information Security Council Information Security Conference | 2021 Cybersecurity Reboot – Tools for building a cyber resilience | June 24, 2021
OneTrust | Virginia CDPA Lands: What You Need To Know | March 4, 2021
Sycom Technologies & Woods Rogers | Ransomware Readiness and Response | February 9, 2021
Virginia Bar Association | Blockchain: The Intersection of Emerging Technology and an Evolving Legal Landscape | January 22, 2021
Women in E-Discovery Richmond Chapter | Cybersecurity & E-Discovery | January 27, 2021
HIMSS Virginia Chapter | What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management | January 26, 2021
Innovate Lynchburg | Real World Cyber… what’s REALLY going on? | November 17, 2020
Virginia Chapter of the American Society for Healthcare Risk Management | Cybersecurity & Privacy 2020: A Quick Look at Current Concerns | December 17, 2020
AICPA Employee Benefit Plans Conference | Cybersecurity Incident Response: A Walk Through A Data Breach | November 10, 2020
Virginia Bar Association Intellectual Property and Information Technology Section | Attack of the IoT Zombies: Confidentiality, Cybersecurity, and a Lawyer’s Duty | October 29, 2020
RVATech Talks | Richmond Technology Podcast | August 9, 2020
RVA Tech Data Summit | Cybersecurity & Data Privacy | March 11, 2020
2019 FireEye Cyber Defense Summit | Navigating the Labyrinth: A Guide to Board of Director Cybersecurity Legal Risk | October 9, 2019
HalfMoon Education Inc. | Cybersecurity Issues for Engineers | September 25, 2019
Kentucky Credit Union League | Cybersecurity Risk from a Legal Perspective: Top 10 Tips | July 17, 2019
Dark Reading Virtual Summit | Panel: The First 24 Hours: Advice to First Responders in a Critical Data Breach | June 26, 2019
2019 IG3 Mid-Atlantic Conference | Panel: Cybersecurity, Privacy & Data Protection | June 23, 2019
Virginia Information Technology Agency (VITA) | Cybersecurity & Data Privacy | June 5, 2019
Council of Independent Colleges in Virginia | Higher Education Legal Update | May 22, 2019
Annual VA Health Information and Management Systems Society | H.I.T. Advocacy Day | March 14, 2019
Virginia Credit Union League | Cybersecurity | Regulations & Compliance | November 6, 2018
Charlottesville Chamber of Commerce | Mission Possible: Cybersecurity Education & Defense for the Rest of Us | October 25, 2018
ACEC HR Forum | The Role of Human Resources in Securing the Workplace | October 16, 2018
General Counsel Roundtable | Cybersecurity | September 26, 2018
VT Roanoke Center Facts & Snacks | Cybersecurity and Privacy | August 30, 2018
CICV Conference for Chief HR Directors & Chief Financial Officers | Top Challenges in Cybersecurity Facing Higher Education in the 21st Century | June 14, 2018
CICV Technology Conference for Chief Information Officers | Cybersecurity | May 18, 2018
Virginia Community College System Information Security Officer Conference | General Data Protection Regulation | May 17, 2018
Virginia Association of Defense Attorneys—Spring Sections Seminar | Advances in Electronic Medical Records: Key Tactical Issues | May 10, 2018
Virginia Tech Corporate Research Center | European Union General Data Protection Regulation | April 24, 2018
Commonwealth of Virginia Information Security | Privacy and Security from a Legal Perspective | April 13, 2018
Virginia State Bar CLE: Annual Real Estate Seminar | Cybersecurity, Ethics and Real Estate Law | March 2, 2018
12th Annual VA Health Information and Management Systems Society H.I.T. Advocacy Day | Cybersecurity Planning: Insurance & Working with Outside Legal Counsel | January 25, 2018
Virginia Bio | Cybersecurity Incident Response (Webinar) | January 16, 2018
SEMINARS + EVENTS
2019 Labor and Employment Seminar Series | October 2 - November 5
37th Annual Labor & Employment Seminar Series | September 20, 2018
Key Legal Issues in Higher Education | March 1, 2018
Forty-four Woods Rogers Attorneys Recognized by Best Lawyers for 2022 | August 19, 2021
31 Woods Rogers Attorneys Listed as “Legal Elite” and “Rising Stars” | November 30, 2020
“Legal Elite” Ranking Lists 30 Woods Rogers Attorneys | December 10, 2019
Attorney Beth Waller Achieves CIPP-US & CIPP-E Designations | June 20, 2019
Virginia Business Names 26 Woods Rogers Attorneys as 2018 “Legal Elite” | December 5, 2018
Virginia Lawyers Weekly Honors Two Woods Rogers Attorneys | September 6, 2017
Woods Rogers Names New Principals | January 7, 2015
Lawyer case results depend upon a variety of factors unique to each case. Case results do not guarantee or predict a similar result in any future case undertaken by the lawyer.