Beth Burgin Waller is a cybersecurity and data privacy attorney who uses her significant experience in technology to counsel clients on cybersecurity risk management, incident response, and privacy laws.

As chair of the Cybersecurity & Data Privacy Practice at Woods Rogers, Beth’s experience on the intersection of technology and the law is extensive. Beth is a Certified Information Privacy Professional with both U.S. and Europe designations (CIPP/US & CIPP/E) and a Certified Information Privacy Manager (CIPM) from the International Association of Privacy Professionals (IAPP).

Clients ranging from Fortune 200 companies to municipalities and universities, and spanning industries such as manufacturing, healthcare, banking, and energy depend on Beth for advice and counsel on risk management, data security, and regulatory compliance. Beth also advises clients in high-tech fields such as biotechnology and software development and has worked with clients pioneering new technologies such as blockchain and IoT devices.

Beth has been on the frontlines when an organization’s worst security fears are realized. She specializes in critical infrastructure cybersecurity incident response, with experience leading teams bringing complicated systems back online after cyber attacks. Beth has led cyber crisis management responses across different industries and has experience with the intersection of NERC CIP, GLBA, and HIPAA with cybersecurity incident response.

Beth is hands-on and leads a team of seasoned security professionals that dive into the nuances of network maps and IT asset inventories alongside clients and technical forensic incident response teams to quickly rebuild a downed enterprise. In this way, she is truly a “CISO’s lawyer.” These cyber incidents have given her insight into what an organization must do to become truly cyber resilient. She counsels her clients—including briefing their Boards of Directors—on the protective measures they can take before a cybersecurity crisis strikes.

With the rise of third-party vendor risk, Beth developed supplier vetting programs and often negotiates cyber and privacy risks associated with contracting. From data protection/information security addendums to high-stakes technology contracts, companies often hire Beth as outside general counsel to help their legal departments navigate cybersecurity and privacy risks.

In the field of privacy, Beth has helped companies build privacy programs from the ground up and led major regulatory compliance rollouts. Beth vets data impact assessments, privacy impact assessments, privacy policies, and the implementation of new technology on business operations and privacy compliance. From software applications to websites to even trade show attendance, Beth has experience navigating the complicated world of international and local privacy laws and regulations.

In 2021, Beth was named as a OneTrust Data Guidance expert in the field of data privacy in Virginia. Beth’s reputation as a leader in technology and the law is further evidenced by her appointment and election to leadership positions in both of the major bars of the Commonwealth: the Virginia State Bar and the Virginia Bar Association. In 2019, Beth was appointed to serve as Vice-Chair of the Virginia State Bar’s Special Committee on Technology and the Future Practice of Law. She previously chaired the Committee’s subcommittee on cybersecurity. In 2021, she was named to the Virginia Bar Association’s Intellectual Property and Information Technology Section Council. She also served for eight years as an adjunct professor of law at Washington and Lee University Law School, teaching technology-focused classes to law students.

Beth has been recognized repeatedly in Best Lawyers in America listings. She has been named a Virginia Super Lawyers Rising Star in multiple categories and Virginia Business magazine has ranked her in their Legal Elite listings. Virginia Lawyers Weekly named Beth to the 2022 “Influential Women of Law” list and in 2017, she was named an “Up & Coming Lawyer,” one of 15 attorneys selected across the Commonwealth for this distinction.

Beth is a frequent contributor to the national online cybersecurity journal Dark Reading, where she authors articles on cybersecurity’s and data privacy’s legal risks.

Beth graduated magna cum laude from Hollins University, with honors in creative writing, where she was also student body president. Beth attended the Sorensen Institute for Political Leadership at the University of Virginia before earning her law degree from the College of William & Mary.

Thought Leadership

Published Articles

Teaching Engagements

Electronic Discovery – W&L Law – Fall 2018

Attorney Perspectives

Speaking Engagements

  • American Intellectual Property Law Association Spring Meeting | Responsibility of Attorneys to Develop and Maintain Tech Knowledge
    May 18, 2022
  • Strafford | Drafting Data and Cybersecurity Provisions in Third-Party Vendor Agreements: Limits to Liability, Indemnification
    February 24, 2022
  • Virginia School Boards Association Hot Topic Conference | Cyber Security Incident Response 101
    April 20, 2022
  • HIMSS Virginia Chapter - Annual Fall Conference | Double Extortion: Responding to Ransomware Incidents from a Lawyer’s Perspective
    September 15, 2021
  • Virginia Bar Association Summer Meeting | Into the Breach: Practical Guidance on Cybersecurity Incidents
    July 23, 2021
  • VCU School of Business Risk Management and Insurance Program | Into the Breach: Navigating the Risk of Sensitive Data
    September 21, 2021
  • Central Virginia Small Business Development Center | Panel: Future Proofing Your Business with Blockchain
    July 7, 2021
  • Commonwealth Information Security Council Information Security Conference | 2021 Cybersecurity Reboot – Tools for building a cyber resilience
    June 24, 2021
  • OneTrust | Virginia CDPA Lands: What You Need To Know
    March 4, 2021
  • Sycom Technologies & Woods Rogers | Ransomware Readiness and Response
    February 9, 2021
  • Virginia Bar Association | Blockchain: The Intersection of Emerging Technology and an Evolving Legal Landscape
    January 22, 2021
  • Women in E-Discovery Richmond Chapter | Cybersecurity & E-Discovery
    January 27, 2021
  • HIMSS Virginia Chapter | What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management
    January 26, 2021
  • Innovate Lynchburg | Real World Cyber… what’s REALLY going on?
    November 17, 2020
  • Virginia Chapter of the American Society for Healthcare Risk Management | Cybersecurity & Privacy 2020: A Quick Look at Current Concerns
    December 17, 2020
  • AICPA Employee Benefit Plans Conference | Cybersecurity Incident Response: A Walk Through A Data Breach
    November 10, 2020
  • Virginia Bar Association Intellectual Property and Information Technology Section | Attack of the IoT Zombies: Confidentiality, Cybersecurity, and a Lawyer’s Duty
    October 29, 2020
  • RVATech Talks | Richmond Technology Podcast
    August 9, 2020
  • RVA Tech Data Summit | Cybersecurity & Data Privacy
    March 11, 2020
  • 2019 FireEye Cyber Defense Summit | Navigating the Labyrinth: A Guide to Board of Director Cybersecurity Legal Risk
    October 9, 2019
  • HalfMoon Education Inc. | Cybersecurity Issues for Engineers
    September 25, 2019
  • Kentucky Credit Union League | Cybersecurity Risk from a Legal Perspective: Top 10 Tips
    July 17, 2019
  • Dark Reading Virtual Summit | Panel: The First 24 Hours: Advice to First Responders in a Critical Data Breach
    June 26, 2019
  • 2019 IG3 Mid-Atlantic Conference | Panel: Cybersecurity, Privacy & Data Protection
    June 23, 2019
  • Virginia Information Technology Agency (VITA) | Cybersecurity & Data Privacy
    June 5, 2019
  • Council of Independent Colleges in Virginia | Higher Education Legal Update
    May 22, 2019
  • Annual VA Health Information and Management Systems Society | H.I.T. Advocacy Day
    March 14, 2019
  • Virginia Credit Union League | Cybersecurity | Regulations & Compliance
    November 6, 2018
  • Charlottesville Chamber of Commerce | Mission Possible: Cybersecurity Education & Defense for the Rest of Us
    October 25, 2018
  • ACEC HR Forum | The Role of Human Resources in Securing the Workplace
    October 16, 2018
  • General Counsel Roundtable | Cybersecurity
    September 26, 2018
  • VT Roanoke Center Facts & Snacks | Cybersecurity and Privacy
    August 30, 2018
  • CICV Conference for Chief HR Directors & Chief Financial Officers | Top Challenges in Cybersecurity Facing Higher Education in the 21st Century
    June 14, 2018
  • CICV Technology Conference for Chief Information Officers | Cybersecurity
    May 18, 2018
  • Virginia Community College System Information Security Officer Conference | General Data Protection Regulation
    May 17, 2018
  • Virginia Association of Defense Attorneys—Spring Sections Seminar | Advances in Electronic Medical Records: Key Tactical Issues
    May 10, 2018
  • Virginia Tech Corporate Research Center | European Union General Data Protection Regulation
    April 24, 2018
  • Commonwealth of Virginia Information Security | Privacy and Security from a Legal Perspective
    April 13, 2018
  • Virginia State Bar CLE: Annual Real Estate Seminar | Cybersecurity, Ethics and Real Estate Law
    March 2, 2018
  • 12th Annual VA Health Information and Management Systems Society H.I.T. Advocacy Day | Cybersecurity Planning: Insurance & Working with Outside Legal Counsel
    January 25, 2018
  • Virginia Bio | Cybersecurity Incident Response (Webinar)
    January 16, 2018

Seminars + Events

  • 2019 Labor and Employment Seminar Series
    October 2 - November 5, 2019
  • 37th Annual Labor & Employment Seminar Series
    September 20 - October 17, 2018
  • Key Legal Issues in Higher Education
    March 1, 2018