Kaylee Bankston, Goodwin Procter LLP Partner, practices Data, Privacy, & Cybersecurity law and Complex Litigation and Dispute Resolution

Kaylee Cox Bankston

Kaylee Cox Bankston
Washington, DC
+1 202 346 4399

Kaylee Cox Bankston is a partner in Goodwin’s Data, Privacy, & Cybersecurity practice. She specializes in complex cybersecurity and privacy matters, including data privacy and security compliance, corporate governance and risk management, cybersecurity investigations and breach preparation, regulatory investigations, litigation and class action defense, and development of corporate security and privacy programs.

Kaylee advises clients in a wide range of industries on data privacy and security risk management as well as compliance with state, federal, and international data protection laws and regulations. She counsels clients on cybersecurity and privacy legislative and regulatory developments and creates compliance programs to address new and emerging US and international privacy and security requirements.

Kaylee also advises clients on corporate governance strategies in connection with security and privacy risk management and counsels clients on the development of security and privacy programs and corporate policies. She develops and conducts information security and privacy program assessments and leads cybersecurity simulations, “tabletop” exercises, and war games. She also assists clients with preparing for security audits, assessments, and testing and counsels on post-assessment implementation and risk mitigation strategies. She counsels clients on vendor management, including developing security and privacy contracting frameworks and negotiating data protection agreements. Kaylee also advises clients on privacy and security diligence matters in connection with corporate transactions.

Kaylee has substantial experience representing clients in privacy and security investigations and related regulatory actions. She advises clients in connection with cybersecurity investigations and response, including counseling on legal obligations, communications, risk mitigation, and litigation defense strategies. She also represents companies in privacy and security matters before US and international regulators, including the US Federal Trade Commission and state attorneys general, and in litigation matters in various federal and state courts.

Kaylee is a Certified Information Privacy Professional for the US private sector (CIPP/US).

Professional Experience

Prior to joining Goodwin, Kaylee was counsel at Manatt, Phelps & Phillips. Previously, she was senior counsel and co-chair of the cybersecurity, data breach, and privacy team at Holland & Knight.

Professional Activities

Kaylee is a Certified Information Privacy Professional (CIPP) by the International Association of Privacy Professionals. She also serves on the Center for a New American Security, Technology Policy Lab Working Group for Data Privacy. She previously served on the Bar Association of the District of Columbia Board of Directors and National Security Steering Committee. She is also a member of Women in CyberSecurity (WiCyS).

Beginning Spring 2024, Kaylee will serve as an adjunct professor at Georgetown University Law Center where she will teach a cybersecurity course titled Cyber Threat Landscape: Legal Considerations at the Crossroads of the Public and Private Sectors.



LLMNational Security Law2013

Georgetown University Law Center

(with distinction)


University of Miami School of Law

(magna cum laude)


University of Arkansas

(cum laude)



  • District of Columbia
  • New York

Recognition & Awards

Kaylee was recognized by the Legal 500 US for her work in Cyber law (including data privacy and data protection) in 2023.

Holland & Knight recognized Kaylee as a Rising Star in 2019.


  • Panelist, “Understanding and Applying the SEC’s New Cybersecurity Rules” NASDAQ Webinar, February 2024
  • Moderator, “2024 Children’s Privacy Outlook: Preparing for Regulatory Changes,” Webinar, February 2024
  • Panelist, “A New Age for the Cyber Regulatory Landscape: Navigating Liability and Building Cybersecurity Programs,” Webinar, January 2024
  • Panelist, “This Time, It's Personal (Cyber Liability for Corporate Officers): Understanding Risk and Exposure in a Changing Regulatory Landscape,” Webinar, November 2023
  • Panelist, “The Evolution of Cyber Risk Management: New Regs, AI, Data Governance – Oh My!,” WithMe Webinar, September 2023
  • Panelist, “Artificial Intelligence – Federal and Commercial Sector Procurement Considerations,” Webinar, September 2023
  • Co-Author, “4 Mistakes to Avoid After a Cybersecurity Incident,” Law 360, August 28, 2023
  • Panelist, “The Wait is Over: The SEC Finalizes Cybersecurity Disclosure Rules for Public Companies,” Webinar, August 2023
  • Panelist, “AI Trust & Security: What Executives, Boards and Their Advisors Should Know,” Women Leaders in Cybersecurity Webinar, July 2023
  • Panelist, “Cyber Attack Simulation,” 7th Annual Boston Conference on Cyber Security, June 2023
  • Panelist, “Proposed SEC Rules Will Require Enhanced Disclosures Related to Companies’ Cybersecurity Risk Management and the Expertise of Boards of Directors,” Webinar, April 2023
  • Speaker, “Small Group Discussion Round 3: Crisis Management,” TechGC First Time GC Conference (March 2023)
  • Speaker, “National and Data Security Panel,” Public Leadership Education Network, Women in STEM Policy Seminar (March 2023)
  • Panelist, “Cyber New Year’s Resolutions: Predictions and Best Practices for Risk Management,” IAPP Web Conferences (January 2023)
  • Panelist, “Proposed SEC Rules Will Force Public Companies to Dramatically Rethink Cybersecurity Investigations and Response Strategy,” Webinar (December 2022)
  • Speaker, “Navigating Data Privacy & Managing Vendors for Multifamily Housing,” National Apartment Association Apartmentalize Conference (June 2022)
  • Moderator, “National and Data Security,” Public Leadership Education Network, Women in STEM Policy Seminar (March 2022)
  • Speaker, “Data Security and Protection,” Public Leadership Education Network, Women in STEM Policy Seminar (January 2021)
  • Co-Author, “COVID-19: Evolving Cybersecurity Considerations for Business,” Corporate Compliance Insights (March 2020)
  • Co-Author, “6 Changes in California’s New Draft Privacy Regulations,” Law 360 (March 2020)
  • Speaker, “Data Privacy and Security Regulations,” National Multifamily Housing Council, 2020 OPTECH Conference (November 2020)
  • Speaker, “Privacy, Data, and the Future of Internet-Driven Amenities,” National Apartment Association, APTvirtual Conference (November 2020)
  • Speaker, Cybersecurity Breakout Session, PLEN, Women in Law and Legal Advocacy Seminar (October 2020)
  • Moderator, “Data Privacy Laws Are Here: What You Need to Know to Comply,” National Multifamily Housing Council, 2020 Annual Meeting (January 2020)
  • Speaker, “Coming Soon: Stronger Consumer Data Protections,” National Multifamily Housing Council, 2019 OPTECH Conference (November 2019)
  • Speaker, “CCPA and Beyond: How To Be Ready for New Privacy and Data Security Threats in the Digital Age,” National Association of Women Lawyers’ General Counsel Institute (November 2019)
  • Moderator, “The Security Implications of New and Emerging Privacy Laws,” Privacy+Security Forum (October 2019)
  • Speaker, “Are You Ready for the New Data Privacy Rules?” 2019 National Multifamily Housing Council, Fall Meeting (September 2019)
  • Panelist, “Data Privacy and Cybersecurity,” Asian Pacific Interest Section (APIS) 24th Annual APIS Conference (April 2019)
  • Speaker, “The California Consumer Privacy Act and the Future of Privacy Regulation,” GW Law Federal Communications Law Journal Symposium (March 2019)
  • Moderator, “Women in National and Cyber Security,” Public Leadership Education Network, Women in STEM Policy Conference (January 2019)
  • Panelist, “The Basics of a Solid Data Management Program,” NMHC OPTECH Conference & Exposition (November 2018)
  • Co-Author, “Five Key Takeaways from California’s Watershed Privacy Law,” Insurance Journal (July 2018)
  • Speaker, “Privacy and Cybersecurity: Breaches, the EU GDPR, and Proxy Attacks,” The Washington Foreign Law Society (June 2018)
  • Speaker, “International STEM Policy Breakout Session: Cyber Security,” The Public Leadership Education Network Women in Global Policy 2018 Seminar (May 2018)
  • Supplemental Author, “A Buyer’s Guide to Cyber Liability Insurance Coverage, 2nd Edition” (2017)
  • Speaker, “Cybersecurity and the Law,” The Public Leadership Education Network Women, Law, and Legal Advocacy Seminar (October 2017)
  • Speaker, “The Continuously Emerging World of Cybersecurity – Are You Compliant?,” Small and Emerging Contractors Advisory Forum (SECAF) Member Forum (April 2017)
  • Speaker, “Multifamily and Cybersecurity: Threat Landscape and Best Practices,” 4th Annual Northern Virginia Apartment Summit: Multifamily Opportunities in a Time of Disruption (2017)
  • Speaker, “Cybersecurity: The Nuts and Bolts of Compliance,” Federal Publications Seminars Government Contracts Conference (March 2017)
  • Co-Author, “A Necessary Paradigm: Leveraging Legal Counsel to Mitigate Cyber Risk,” Insurance Law Committee Update of the International Bar Association Legal Practice Division (March 2017)
  • Panelist, “Internet Law Update: Cyber Security and E-Commerce,” 4th Annual Caribbean Corporate Counsel Summit, Association of Caribbean Corporate Counsel (September 2016)
  • Co-Author, “CFPB Expands UDAAP Jurisdiction in First Foray into Data Security Enforcement,” The Banking Law Journal (May 2016)
  • Quoted in Article, “Cybersecurity in Construction,” Constructech (March 2016)
  • Speaker, “Insights for 2016: A Year for Government Transition, A Year of Increased Cyber Risks,” Southern Law Network 16th Annual General Counsel Conference (October 2015)
  • Co-Author, “How to Avoid Choosing the Wrong Cybersecurity Firm,” JD Supra Perspectives (June 2015)