Amber Thomson Bio

Amber Thomson counsels a wide range of clients, including private equity firms, financial institutions, and retailers, on complex and cutting-edge issues related to cybersecurity and privacy. She also helps clients assess and implement compliance and remediation efforts to comply with international and domestic regulations, including US state comprehensive privacy laws, CPRA, COPPA, HIPAA, TCPA, PCI DSS, CAN SPAM, and GDPR. Amber's cybersecurity incident experiences range from deepfakes to double- and triple-extortion ransomware attacks. Carrying out these efforts, she advises clients through the incident response life cycle, including remediation, investigation, and notification. Amber also represents clients in class-action data breach litigation cases and helps clients respond to federal and state regulatory inquiries that result from these incidents. Amber also regularly collaborates on privacy and data security due diligence and facilitates executive and board training on incident response, privacy legal compliance, and the US cybersecurity and privacy law landscape. Clients trust and rely on Amber's experience as well as her practical, business-centric approach to client management. Amber is recognized as a Certified AI Governance Professional (AIGP) by the International Association of Privacy Professionals (IAPP).