1. Home
  2. |Professionals
  3. |Maida Oringher Lerner

Maida Oringher Lerner

Senior Counsel | She/Her/Hers
Senior Counsel | She/Her/Hers
bWxlcm5lckBjcm93ZWxsLmNvbQ==
VCard
VCard

Areas of Focus

Overview

The evolving legal fields of cybersecurity, privacy, and homeland security demand that lawyers be able to provide practical and creative advice to clients on new and complex regulatory requirements and government standards to protect sensitive and proprietary information. Prior to moving to private practice, Maida Lerner served in the Office of General Counsel for a major electric utility company and understands how to work in partnership with corporate counsel in responding efficiently to these new obligations. Maida also understands regulatory and litigation risks. She has participated in significant federal regulatory rulemakings and has represented clients in numerous proceedings before federal and state appellate courts and administrative agencies.

Maida is senior counsel in Crowell & Moring’s Washington, D.C., office and part of the firm’s Privacy and Cybersecurity and Government Contracts groups. She advises a broad group of clients in a variety of sectors — including federal contractors, trade associations, and companies in the government contracts, pipeline, transportation, health care, and manufacturing sectors — in the areas of cybersecurity and privacy compliance.

As part of an enterprisewide compliance approach to evolving and complex security risks and standards, Maida helps clients mitigate the risk of cyber incidents through practicing responses to cyber and physical security incident simulations and developing incident response and insider threat plans and programs. She also knows how to work closely with technical consultants on behalf of companies to conduct privileged vulnerability assessments and mitigation plans. Maida regularly advises clients on developing legally compliant and efficient responses to data breaches and internal investigations and coordinates with technical experts after intrusions to conduct privileged forensic investigations. Her homeland security practice has a particular emphasis on critical infrastructure, chemical security, the SAFETY Act, and corporate compliance.

Maida also counsels clients on state data privacy laws. She has helped clients in a broad range of sectors stand up new and assess existing privacy programs, develop privacy policies and procedures, and comply with notification obligations in the event of a data breach.

Maida is active in pro bono matters, with a focus on child custody issues.

Career & Education

    • Boston University School of Law, J.D.
    • State University of New York at Albany, B.A., summa cum laude
    • Boston University School of Law, J.D.
    • State University of New York at Albany, B.A., summa cum laude

    • District of Columbia
    • New York
    • Supreme Court of the United States
    • Numerous Federal Appellate and District Courts Nationwide
    • District of Columbia
    • New York
    • Supreme Court of the United States
    • Numerous Federal Appellate and District Courts Nationwide

Maida's Insights

Client Alert | 4 min read | 02.21.25

An Un[waiver]ing Commitment to CMMC: The Department of Defense Issues Guidance for Determining Assessment Levels

Amidst a flurry of executive cost-cutting, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification program—often known just as “CMMC”— appears to be defying the odds and only picking up steam. Marking the first CMMC developments under the new administration, the DoD has published guidance that previews what to expect once CMMC is finalized. These developments suggest that the current administration intends to pick up where it left off, having first introduced the CMMC program during President Trump’s first term....

View All Insights

Representative Matters

  • Advised government contractors and owners and operators of U.S. critical infrastructure on privileged cybersecurity, privacy and physical security risk assessments and compliance reviews.
  • Advised clients in all U.S. critical infrastructure sectors on the development of cybersecurity and physical security policies, including incident response plans, insider threat programs, and governance frameworks.
  • Facilitated simulated security incident exercises and developed training programs for owners and operators of U.S. critical infrastructure in all sectors to test response plans, in coordination with technical consultants under privilege.
  • Advised clients in all U.S. critical infrastructure sectors on the development of enterprise-wide and global privacy policies, including privacy notices, user agreements and assessment of incident notification obligations.
  • Represented a transportation sector trade association in securing competitive federal funding for a state-of-the-art cyber threat information-sharing network.
  • Advised clients in a multitude of sectors, including energy, transportation, health and education, on chemical security regulation compliance, including the Chemical Facility Anti-Terrorism Standards (CFATS).
  • Advised clients and represented a company on successful resolution of applications under the Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act.
  • Advised corporations on compliance issues arising under federal and state Clean Air Acts and asbestos abatement issues.
  • Participated in major rulemakings arising under the federal Clean Air Act.
  • Advised companies on internal environmental audits.
  • Represented members of the utility industry in successful resolution of appellate litigation.

Maida's Insights

Client Alert | 4 min read | 02.21.25

An Un[waiver]ing Commitment to CMMC: The Department of Defense Issues Guidance for Determining Assessment Levels

Amidst a flurry of executive cost-cutting, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification program—often known just as “CMMC”— appears to be defying the odds and only picking up steam. Marking the first CMMC developments under the new administration, the DoD has published guidance that previews what to expect once CMMC is finalized. These developments suggest that the current administration intends to pick up where it left off, having first introduced the CMMC program during President Trump’s first term....

View All Insights

Insights

Client Alert | 4 min read | 02.21.25

An Un[waiver]ing Commitment to CMMC: The Department of Defense Issues Guidance for Determining Assessment Levels

Publication | 01.28.25

Changes to Critical Infrastructure Requirements

Client Alert | 8 min read | 01.17.25

Cyber For All: Proposed Rule Introduces Government-Wide CUI Cybersecurity Requirements

Client Alert | 8 min read | 10.14.24

Cybersecurity Matured: DoD Finalizes Cybersecurity Maturity Model Certification (CMMC) Program

View All Insights

Practices

Industries

Maida's Insights

Client Alert | 4 min read | 02.21.25

An Un[waiver]ing Commitment to CMMC: The Department of Defense Issues Guidance for Determining Assessment Levels

Amidst a flurry of executive cost-cutting, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification program—often known just as “CMMC”— appears to be defying the odds and only picking up steam. Marking the first CMMC developments under the new administration, the DoD has published guidance that previews what to expect once CMMC is finalized. These developments suggest that the current administration intends to pick up where it left off, having first introduced the CMMC program during President Trump’s first term....

View All Insights