Brandy Worden,



Brandy Worden works at the intersection of law and technology. As a CIPP/US, CIPP/E, and Harvard- certified cyber risk management professional, she counsels clients on both domestic and international cybersecurity, privacy and insurance coverage issues. As a prolific thought leader in the industry, Brandy has been featured in Bloomberg and the Financial Times.

Brandy has counseled companies on a comprehensive number of cybersecurity and privacy issues. In this space, Brandy has worked with companies to help develop resilience to cybersecurity and privacy incidents by developing privacy corporate governance structures, drafting internal and consumer facing policies, navigating cross-border privacy issues, drafting cybersecurity and privacy contract language, conducting incident response planning, and counseling on other compliance issues.

When cybersecurity and privacy incidents arise, Brandy has supported companies in the aftermath. This has included serving as a “breach coach” to coordinate and counsel on effective data breach response, including investigation, notification, remediation, and vendor and regulator interface. Brandy draws on her experiences as a law clerk for heavyweight regulators like the Federal Trade Commission and U.S. Attorney’s Office to represent clients in regulator investigations and in litigation.

Brandy pairs this deep understanding of cybersecurity and privacy with her many years as an insurance coverage lawyer to represent insurance clients on cyber risk coverage issues. In addition to cyber risk, Brandy represents insurance carriers in property, energy and infrastructure industry claims (including damages exceeding $700M) and litigation in state and federal court throughout the U.S. including coverage analysis and subrogation, dispute resolution, strategic advice and prepping for trial.



Drafted GDPR consent agreement for global cosmetics company.

Assisted drafting cybersecurity provisions of client’s vendor agreements. (Prior to joining Robins Kaplan LLP)

Drafted cyber incident response planning and information security policies for a law firm. (Prior to joining Robins Kaplan LLP)

Counseled hospitality client through data breach response best practices and reporting and notification requirements. (Prior to joining Robins Kaplan LLP)

Successfully opposed a motion to compel arbitration of a domestic dispute internationally both at the state court and appellate levels.  (Prior to joining Robins Kaplan LLP)

First chaired a pro bono trial and successfully obtained emergency custody and support orders for a victim of domestic violence. (Prior to joining Robins Kaplan LLP)

Successfully filed and argued a motion for summary adjudication largely resolving the liability claims in a property dispute matter. (Prior to joining Robins Kaplan LLP)

Served as interim regional counsel for a retail Fortune 100 company, managing commercial litigation across 13 states. (Prior to joining Robins Kaplan LLP)

Represented a developer client and successfully opposed a motion for summary judgment filed by a grader subcontractor regarding an alleged “as-is” provision in the contract. (Prior to joining Robins Kaplan LLP)

  • “Outstanding Volunteer Award,” San Francisco Bar Association (2010)

  • Bay Area Legal Aid – Family Law Clinic, Volunteer (2014-2017)
  • Consumer Debt Defense and Education Clinic, Volunteer (2009-2012)
  • School-to-College Program, Volunteer Mentor (2009-2011)
  • Hastings Associated Students for Kids, Volunteer (2009-2011)
Bar Admissions
  • California
  • U.S. Court of Appeals, Ninth Circuit
  • U.S. District Court, Central District of California
  • U.S. District Court, Eastern District of California
  • U.S. District Court, Northern District of California
  • U.S. District Court, Southern District of California
  • University of California, Hastings College of Law, J.D. (2011); Hastings Communications & Entertainment Law Journal, Staff Editor (2009-2010), Executive Symposium Editor (2010-2011)
  • University of California, San Diego, B.A. in Political Science, Minor in Literature & Writing (2008)
Professional Associations
  • International Association of Privacy Professionals
  • Women in Security and Privacy
  • California Bar Association
  • Claims and Litigation Management Alliance
  • Cybersecurity Certification: Managing Risk in the Digital Age, Harvard University (2018)
  • Certified Information Privacy Professional/Europe, The International Association of Privacy Professionals (2018)
  • Certified Information Privacy Professional/United States, The International Association of Privacy Professionals (2017)

  • Interview contributor, “New Financial Services Cyber Laws Lay Responsibility on Boards,” Agenda Week of the Financial Times (August 7, 2017)

  • Taking and Defending Remote Depositions
    Robins Kaplan LLP, Webinar (July 14, 2020)
  • Artificial Intelligence Privacy Compliance Bootcamp
    Orange County KnowledgeNet Chapter Meeting, Webinar (March 12, 2020)
  • CCPA: Practical Survival Guide
    Santa Monica CA, (February 5, 2020)
  • California Spells GDPR as CCPA
    Robins Kaplan, Los Angeles, California (November 18, 2019)
  • Cyber Insurance 101
    Minnesota Claim Managers Association Meeting, Eden Prairie, Minnesota (November 6, 2019) 
  • CCPA Expert Bar
    IAPP Privacy. Security. Risk. 2019 Conference, Las Vegas, Nevada (September 25, 2019)
  • Cyber Incident Response Simulation
    Robins Kaplan LLP, Minneapolis, MN (June 1, 2019)
  • What the CCPA and GDPR Mean for Insurance Coverage
    Farmington, CT, (May 28, 2019)
  • Fencing in Personal Data to Minimize Risks of Privacy Class and Regulatory Actions
    AI Legal Summit: Solutions for Averting IP and Privacy Litigation in the Age of Artificial Intelligence, San Carlos, California (May 9, 2019)
  • Cyber Attacks on Energy Companies
    Tampa, FL (April 19, 2018)
  • Ransomware Attack Survival Guide for Businesses
    Builder’s Update, Pacific Club, Newport Beach, California (February 14, 2018)
  • Making the Most of Your Cyber Insurance
    Orange County Bar Association, Insurance Law Section, Newport Beach, California (December 12, 2017)
  • Master of Ceremonies, Web 3.0: Online Privacy Law, Politics and Business Issues of the New Decade
    University of California Hastings Communications and Entertainment Law Journal Symposium, San Francisco, California (September 23, 2010)
Back to Top