1. Home
  2. |Professionals
  3. |Maida Oringher Lerner

Maida Oringher Lerner

Senior Counsel | She/Her/Hers

Overview

The evolving legal fields of cybersecurity, privacy, and homeland security demand that lawyers be able to provide practical and creative advice to clients on new and complex regulatory requirements and government standards to protect sensitive and proprietary information. Prior to moving to private practice, Maida Lerner served in the Office of General Counsel for a major electric utility company and understands how to work in partnership with corporate counsel in responding efficiently to these new obligations. Maida also understands regulatory and litigation risks. She has participated in significant federal regulatory rulemakings and has represented clients in numerous proceedings before federal and state appellate courts and administrative agencies.

Maida is senior counsel in Crowell & Moring’s Washington, D.C., office and part of the firm’s Cybersecurity and Privacy and Government Contracts groups. She advises a broad group of clients in a variety of sectors — including federal contractors, trade associations, and companies in the government contracts, pipeline, transportation, health care, and manufacturing sectors — in the areas of cybersecurity and privacy compliance.

As part of an enterprisewide compliance approach to evolving and complex security risks and standards, Maida helps clients mitigate the risk of cyber incidents through practicing responses to cyber and physical security incident simulations and developing incident response and insider threat plans and programs. She also knows how to work closely with technical consultants on behalf of companies to conduct privileged vulnerability assessments and mitigation plans. Maida regularly advises clients on developing legally compliant and efficient responses to data breaches and internal investigations and coordinates with technical experts after intrusions to conduct privileged forensic investigations. Her homeland security practice has a particular emphasis on critical infrastructure, chemical security, the SAFETY Act, and corporate compliance.

Maida also counsels clients on state data privacy laws. She has helped clients in a broad range of sectors stand up new and assess existing privacy programs, develop privacy policies and procedures, and comply with notification obligations in the event of a data breach.

Maida is active in pro bono matters, with a focus on child custody issues.

Career & Education

|
    • State University of New York at Albany, B.A., summa cum laude
    • Boston University School of Law, J.D.
    • State University of New York at Albany, B.A., summa cum laude
    • Boston University School of Law, J.D.
    • District of Columbia
    • New York
    • Supreme Court of the United States
    • Numerous Federal Appellate and District Courts Nationwide
    • District of Columbia
    • New York
    • Supreme Court of the United States
    • Numerous Federal Appellate and District Courts Nationwide

Maida's Insights

Client Alert | 2 min read | 03.21.24

Software Developments: CISA Finalizes Attestation Form, Triggering Secure Software Development Implementation

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) published an updated Secure Software Development Attestation Form, meaning that producers of software and providers of products containing software used by the federal government may be required to submit their attestations in the very near future. The Attestation Form, first published in April 2023, is a key cog in CISA’s implementation of software supply chain security requirements in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity and OMB Memoranda M-22-18 and M-23-16....

Representative Matters

  • Advised government contractors and owners and operators of U.S. critical infrastructure on privileged cybersecurity, privacy and physical security risk assessments and compliance reviews.
  • Advised clients in all U.S. critical infrastructure sectors on the development of cybersecurity and physical security policies, including incident response plans, insider threat programs, and governance frameworks.
  • Facilitated simulated security incident exercises and developed training programs for owners and operators of U.S. critical infrastructure in all sectors to test response plans, in coordination with technical consultants under privilege.
  • Advised clients in all U.S. critical infrastructure sectors on the development of enterprise-wide and global privacy policies, including privacy notices, user agreements and assessment of incident notification obligations.
  • Represented a transportation sector trade association in securing competitive federal funding for a state-of-the-art cyber threat information-sharing network.
  • Advised clients in a multitude of sectors, including energy, transportation, health and education, on chemical security regulation compliance, including the Chemical Facility Anti-Terrorism Standards (CFATS).
  • Advised clients and represented a company on successful resolution of applications under the Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act.
  • Advised corporations on compliance issues arising under federal and state Clean Air Acts and asbestos abatement issues.
  • Participated in major rulemakings arising under the federal Clean Air Act.
  • Advised companies on internal environmental audits.
  • Represented members of the utility industry in successful resolution of appellate litigation.

Maida's Insights

Client Alert | 2 min read | 03.21.24

Software Developments: CISA Finalizes Attestation Form, Triggering Secure Software Development Implementation

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) published an updated Secure Software Development Attestation Form, meaning that producers of software and providers of products containing software used by the federal government may be required to submit their attestations in the very near future. The Attestation Form, first published in April 2023, is a key cog in CISA’s implementation of software supply chain security requirements in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity and OMB Memoranda M-22-18 and M-23-16....

|

Maida's Insights

Client Alert | 2 min read | 03.21.24

Software Developments: CISA Finalizes Attestation Form, Triggering Secure Software Development Implementation

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) published an updated Secure Software Development Attestation Form, meaning that producers of software and providers of products containing software used by the federal government may be required to submit their attestations in the very near future. The Attestation Form, first published in April 2023, is a key cog in CISA’s implementation of software supply chain security requirements in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity and OMB Memoranda M-22-18 and M-23-16....