Robert Duffy helps clients manage their cybersecurity, privacy, and information technology legal risks by delivering practical advice, navigating crisis response and aggressively pursuing justice for victims of cybercrime and business torts. Robert conducts internal investigations into security incidents, vulnerability reports, potential compliance issues, insider threats and other high-stakes matters. Robert helps clients meet regulatory and legal obligations by assessing cybersecurity maturity and developing cost-effective and risk-prioritized remediation plans and maturity roadmaps. Robert also defends clients against regulatory investigations and other post-incident disputes.
Robert helps industry leaders and other mature organizations meet emerging legal and regulatory obligations by leveraging enterprise risk management tools and techniques, deploying best-of-breed technology solutions and developing novel tactics, techniques, and procedures. He also helps start-up, mid-market and acquisition-focused companies quickly close compliance gaps. Robert helps clients across industries bring compliant and secure products to market.
Robert is a trusted adviser to the cybersecurity industry. His current and former clients include the counter-cybercrime division of a major technology company, a leading consumer security software company, a multinational managed security services provider and a leading enterprise cybersecurity services provider.
Robert is a lifelong technology enthusiast who wrote his first “hello world” computer program more than 30 years ago. He learned Linux and FreeBSD as an undergraduate and has been a Unix hobbyist since. Between undergraduate and law school, he was a full-stack developer for a leading government contractor. Today, clients turn to Robert for guidance with issues across the technology spectrum, including secure software development, privacy-by-design, process automation, outsourcing and external dependency management, information assurance and resiliency, operations technology, critical infrastructure, AI governance, IT audit and compliance operations.
In his pro bono practice, Robert fights for the confidentiality of abuse victim services by defending VAWA-funded organizations from subpoenas. He also advises start-up and growing non-profit organizations on a broad array of issues.
During law school, Robert was the president of the Student Bar Association and chair of the ad hoc committee to redraft the Honor Code.