Kaylee Cox Bankston

Kaylee Cox Bankston is a partner in Goodwin’s Data, Privacy, & Cybersecurity practice. She specializes in complex cybersecurity and privacy matters, including data privacy and security compliance, corporate governance and risk management, cybersecurity investigations and breach preparation, regulatory investigations, litigation and class action defense, and development of corporate security and privacy programs.

Kaylee advises clients in a wide range of industries on data privacy and security risk management as well as compliance with state, federal, and international data protection laws and regulations. She counsels clients on cybersecurity and privacy legislative and regulatory developments and creates compliance programs to address new and emerging US and international privacy and security requirements.

Kaylee also advises clients on corporate governance strategies in connection with security and privacy risk management and counsels clients on the development of security and privacy programs and corporate policies. She develops and conducts information security and privacy program assessments and leads cybersecurity simulations, “tabletop” exercises, and war games. She also assists clients with preparing for security audits, assessments, and testing and counsels on post-assessment implementation and risk mitigation strategies. She counsels clients on vendor management, including developing security and privacy contracting frameworks and negotiating data protection agreements. Kaylee also advises clients on privacy and security diligence matters in connection with corporate transactions.

Kaylee has substantial experience representing clients in privacy and security investigations and related regulatory actions. She advises clients in connection with cybersecurity investigations and response, including counseling on legal obligations, communications, risk mitigation, and litigation defense strategies. She also represents companies in privacy and security matters before US and international regulators, including the US Federal Trade Commission and state attorneys general, and in litigation matters in various federal and state courts.

Kaylee is a Certified Information Privacy Professional for the U.S. private sector (CIPP/US).

Prior to joining Goodwin, Kaylee was counsel at Manatt, Phelps & Phillips. Previously, she was senior counsel and co-chair of the cybersecurity, data breach, and privacy team at Holland & Knight.

Kaylee is a Certified Information Privacy Professional (CIPP) by the International Association of Privacy Professionals. She also serves on the Center for a New American Security, Technology Policy Lab Working Group for Data Privacy. She previously served on the Bar Association of the District of Columbia Board of Directors and National Security Steering Committee.

Holland & Knight recognized Kaylee as a Rising Star in 2019.

• Panelist, “Cyber New Year’s Resolutions: Predictions and Best Practices for Risk Management”, IAPP Web Conferences, January 2023
• Panelist, “Proposed SEC Rules Will Force Public Companies to Dramatically Rethink Cybersecurity Investigations and Response Strategy,” Webinar (December 2022)
• Speaker, “Navigating Data Privacy & Managing Vendors for Multifamily Housing,” National Apartment Association Apartmentalize conference (June 2022)
• Moderator, “National and Data Security” Public Leadership Education Network, Women in STEM Policy Seminar (March 2022)
• Speaker, “Data Security and Protection,” Public Leadership Education Network, Women in STEM Policy Seminar (January 2021)
• Co-author, “COVID-19: Evolving Cybersecurity Considerations for Business,” Corporate Compliance Insights (March 2020)
• Co-author, “6 Changes in California’s New Draft Privacy Regulations,” Law 360 (March 2020)
• Speaker, “Data Privacy and Security Regulations,” National Multifamily Housing Council, 2020 OPTECH Conference (November 2020)
• Speaker, “Privacy, Data, and the Future of Internet-Driven Amenities,” National Apartment Association, APTvirtual Conference (November 2020)
• Speaker, Cybersecurity Breakout Session, PLEN, Women in Law and Legal Advocacy Seminar (October 2020)
• Moderator, “Data Privacy Laws Are Here: What You Need to Know to Comply,” National Multifamily Housing Council, 2020 Annual Meeting, (January 2020)
• Speaker, “Coming Soon: Stronger Consumer Data Protections,” National Multifamily Housing Council, 2019 OPTECH Conference (November 2019)
• Speaker, “CCPA and Beyond: How To Be Ready for New Privacy and Data Security Threats in the Digital Age,” National Association of Women Lawyers’ General Counsel Institute (November 2019)
• Moderator, “The Security Implications of New and Emerging Privacy Laws,” Privacy+Security Forum (October 2019)
• Speaker, “Are You Ready for the New Data Privacy Rules?” 2019 National Multifamily Housing Council, Fall Meeting (September 2019)
• Panelist, “Data Privacy and Cybersecurity,” Asian Pacific Interest Section (APIS) 24th Annual APIS Conference (April 2019)
• Speaker, “The California Consumer Privacy Act and the Future of Privacy Regulation,” GW Law Federal Communications Law Journal Symposium (March 2019)
• Moderator, “Women in National and Cyber Security,” Public Leadership Education Network, Women in STEM Policy Conference (January 2019)
• Panelist, “The Basics of a Solid Data Management Program,” NMHC OPTECH Conference & Exposition (November 2018)
• Co-Author, “Five Key Takeaways from California’s Watershed Privacy Law,” Insurance Journal (July 2018)
• Speaker, “Privacy and Cybersecurity: Breaches, the EU GDPR, and Proxy Attacks,” The Washington Foreign Law Society (June 2018)
• Speaker, “International STEM Policy Breakout Session: Cyber Security,” The Public Leadership Education Network Women in Global Policy 2018 Seminar (May 2018)
• Supplemental Author, “A Buyer’s Guide to Cyber Liability Insurance Coverage, 2nd Edition” (2017)
• Speaker, “Cybersecurity and the Law,” The Public Leadership Education Network Women, Law, and Legal Advocacy Seminar (October 2017)
• Speaker, “The Continuously Emerging World of Cybersecurity – Are You Compliant?,” Small and Emerging Contractors Advisory Forum (SECAF) Member Forum (April 2017)
• Speaker, “Multifamily and Cybersecurity: Threat Landscape and Best Practices,” 4th Annual Northern Virginia Apartment Summit: Multifamily Opportunities in a Time of Disruption (2017)
• Speaker, “Cybersecurity: The Nuts and Bolts of Compliance,” Federal Publications Seminars Government Contracts Conference (March 2017)
• Co-Author, “A Necessary Paradigm: Leveraging Legal Counsel to Mitigate Cyber Risk,” Insurance Law Committee Update of the International Bar Association Legal Practice Division (March 2017)
• Panelist, “Internet Law Update: Cyber Security and E-Commerce,” 4th Annual Caribbean Corporate Counsel Summit, Association of Caribbean Corporate Counsel (September 2016)
• Co-Author, “CFPB Expands UDAAP Jurisdiction in First Foray into Data Security Enforcement,” (The Banking Law Journal (May 2016)
• Quoted in Article, “Cybersecurity in Construction,” Constructech (March 2016)
• Speaker, “Insights for 2016: A Year for Government Transition, A Year of Increased Cyber Risks,” Southern Law Network 16th Annual General Counsel Conference (October 2015)
• Co-Author, “How to Avoid Choosing the Wrong Cybersecurity Firm,” JD Supra Perspectives (June 2015)