Overview

Alyssa is a vice chair of the Constangy Cyber Team and is located in Denver, Colorado. She is also licensed in New York, enabling her to support clients with matters spanning multiple jurisdictions.

Alyssa dedicates her practice solely to managing data security incidents and helping clients anticipate, understand, and proactively mitigate cyber risk. Alyssa provides fully managed incident response services to clients of all sizes and across all industry sectors. She has in-depth experience working with cyber insurance carriers and brokers to support both internal and external stakeholders, including insured businesses. Her work often involves navigating complex regulatory frameworks, including the GDPR, HIPAA, GLBA, and U.S. state breach notification laws, as well as evolving state privacy laws such as the CCPA/CPRA and other similar state laws.

In addition to pragmatically managing responses to data security incidents, Alyssa also provides clients with proactive data privacy and information security resources and training. Her prior work defending clients in complex civil litigation and regulatory investigations gives her unique insight into the importance of mitigating liability related to data privacy and security events. During the course of incident response, Alyssa frequently facilitates digital forensics investigations, network restoration projects, and ransom negotiations. She regularly assesses and helps clients fulfill consumer and regulatory notification obligations, liaises with law enforcement, advises on communications strategies, and supports compliance with applicable data privacy regulations.

Alyssa frequently speaks on cyber insurance, data privacy, and risk mitigation. She regularly presents at national conferences, where she shares insights on breach response strategy, regulatory developments, and risk reduction.

She previously worked as a litigation associate at an AmLaw 100 firm in New York and began her legal career with internships at the U.S. Department of State and the U.S. Department of Labor. Alyssa earned her Juris Doctor from New York University School of Law, where she was a Robert McKay Scholar and served as an editor on the Annual Survey of American Law. She earned her Bachelor of Arts degree magna cum laude from the University of Maryland.

About Me

Outside of work, Alyssa spends time with her two young children and enjoys traveling, hiking, and skiing in the Rocky Mountains.

Experience

Representative Matters

  • Coordinated incident response services for hundreds of clients, of all sizes and in all industry sectors (including, for example, healthcare, insurance, financial services, real estate, technology, retail, construction, and manufacturing), to assist them in recovering from, investigating, and responding to cybersecurity and data privacy incidents. Such incidents have included network intrusions, ransomware encryption and data extortion attacks, business email compromises, fraudulent wire transfer schemes, data loss/theft events, and internal threats, among others.

  • Provided fully managed incident response services to a Colorado municipality that fell victim to a BlackCat ransomware attack. This included, among other things, the identification of resources to assist with network restoration, the facilitation and management of a complex forensic investigation, the provision of strategic guidance with respect to external communications and threat actor negotiations, and the identification and fulfillment of applicable notification/reporting obligations, including to current/former employees, members of the public, and regulators.

  • Developed and executed strategy for a nonprofit, regional healthcare network to respond to a widespread business email compromise impacting employee personal information and patient-protected health information. This included, among other things, the facilitation and management of a complex forensic investigation, the identification and fulfillment of applicable notification/reporting obligations, the provision of defense services in response to a related class action lawsuit, and the preparation and coordination of responses to follow-on regulatory inquiries.

  • Guided the incident response efforts of an insurance agency in connection with a business email compromise resulting in the wire transfer of nearly $8,000,000 to a fraudulent bank account in Hong Kong. This included the coordination of funds recovery efforts involving the Federal Bureau of Investigation and relevant banking institutions, as well as the provision of communications guidance with respect to stakeholders associated with the transaction.

  • Advised a publicly-traded (NYSE) real estate company in connection with its response to, and investigation of, a Lockbit ransomware attack involving significant data exfiltration and subsequent notification to consumers/regulators.

  • Advised a publicly-traded (Nasdaq) engineering and scientific consulting firm in connection with its response to, and investigation of, a Ryuk ransomware attack involving analysis of Securities and Exchange Commission reporting obligations.

  • Prepared and facilitated Tabletop Exercises for a wide variety of clients including, for example, a U.S. law firm with approximately 300 attorneys located across 10 offices, an integrated financial services company with 1,800+ associates providing insurance and wealth management solutions, and an international real estate developer and manager with an estimated 20,000 employees.

  • Defended a provider of all-inclusive care for the elderly in a class action lawsuit stemming from an email spoofing attack resulting in the unauthorized acquisition of employee IRS Tax Form W-2 information.

  • Conducted an investigation on behalf of a client into allegations that the client's subsidiary allegedly had bribed foreign government officials in order to win business, in violation of the Foreign Corrupt Practices Act.

  • Led an investigation into whether or not company executives had knowledge of the conditions that led to an accident on company property, in violation of their fiduciary duties to shareholders, on behalf of a Special Litigation Committee established after the accident. Drafted a report and presented findings to the committee.

  • Represented a multinational corporation under scrutiny by U.S. and foreign antitrust authorities for possible bid-rigging and price-fixing violations.

  • Represented a client who was under investigation for wrongdoing by the U.S. Securities and Exchange Commission after the bankruptcy of a financial services firm.

  • Actively researched and analyzed difficult legal issues as part of team investigations and litigations. Drafted related memoranda, pleadings, motions, briefs, and reports of findings.

  • Interviewed critical fact and expert witnesses and drafted summaries, affidavits, and reports. Participated in and directed depositions in multi-billion dollar securities cases. Presented and argued in open court, and conducted examinations and cross-examinations, in immigration cases.

  • Managed the logistics of discovery for a number of cases, including several that involved foreign witnesses and documents. Oversaw a team of lawyers, negotiated with opposing counsel, collaborated with co-defense attorneys, and advocated for clients in discovery disputes.

  • Regularly represented clients pro bono in matters involving applications for Asylum, U-Visas, and T-Visas. Designed a system to regularly represent U-Visa applicants; and was awarded the Sanctuary for Families' 2010 Award for Excellence in Pro Bono Advocacy for the system.

Credentials

Education

New York University School of Law

  • J.D., 2007
  • Robert McKay Scholar (Top 25%)
  • Annual Survey of American Law, Staff Editor

University of Maryland

  • B.A., magna cum laude, 2004
  • Journalism, Government & Politics
  • Phi Beta Kappa; Kappa Tau Alpha (Journalism)
  • Dean’s List (All semesters)
  • Dean’s Award for Academic Excellence
  • College Park Scholars Citation (Media, Self, & Society)
  • Diamondback Newspaper, Writer and Beat Reporter
  • Phi Sigma Pi National Honor, Fraternity President and Committee Chair

Media

Admissions

  • Colorado, 2015
  • New York, 2008

"Integrity is doing the right thing, even when no one is watching."

C.S. Lewis
Jump to Page

Constangy, Brooks, Smith & Prophete, LLP Cookie Preference Center

Your Privacy

When using this website, Constangy and certain third parties may collect and use cookies or similar technologies to enhance your experience. These technologies may collect information about your device, activity on our website, and preferences. Some cookies are essential to site functionality, while others help us analyze performance and usage trends to improve our content and features.

Please note that if you return to this website from a different browser or device, you may need to reselect your cookie preferences.

For more information about our privacy practices, including your rights and choices, please see our Privacy Policy. 

Strictly Necessary Cookies

Always Active

Strictly Necessary Cookies are essential for the website to function, and cannot be turned off. We use this type of cookie for purposes such as security, network management, and accessibility. You can set your browser to block or alert you about these cookies, but if you do so, some parts of the site will not work. 

Functionality Cookies

Always Active

Functionality Cookies are used to enhance the functionality and personalization of this website. These cookies support features like embedded content (such as video or audio), keyword search highlighting, and remembering your preferences across pages—for example, your cookie choices or form inputs during submission.

Some of these cookies are managed by third-party service providers whose features are embedded on our site. These cookies do not store personal information and are necessary for certain site features to work properly.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek