Anatomy of a Ransomware Attack: Breach Response, Cyber Insurance, and Post-Incident Remediation Strategy

Spencer S. Pollock, Esq., CIPP/US, CIPM, Member | McDonald Hopkins LLC

Spencer Pollock is an award-winning data privacy and cybersecurity attorney who serves as a Member of McDonald Hopkins’ national Data Privacy and Cybersecurity team. Based in Baltimore, he specializes in incident response and privacy consulting, having handled hundreds of cyber incidents and data breaches for clients across financial services, healthcare, insurance, education, and managed service provider industries.

• Education & Credentials

Pollock earned his Juris Doctor from the University of Baltimore School of Law in 2012 and holds a Bachelor of Arts in Political Science from Sewanee: The University of the South. He is admitted to practice in Maryland, the District of Columbia, and the U.S. District Court for the District of Maryland. He holds two leading privacy credentials from the International Association of Privacy Professionals — Certified Information Privacy Professional/United States (CIPP/US) and Certified Information Privacy Manager (CIPM) — and is a Certified Mediator.

• Recognition & Leadership

Pollock has been recognized as a Maryland Super Lawyers Rising Star for six consecutive years (2020–2025) and has been consistently ranked in Business Litigation. He hosts the Cyber Law Revolution podcast, which was named to FeedSpot’s Top 10 Breach Podcasts list in 2025 and recently released its milestone 100th episode. In 2022, he anchored McDonald Hopkins’ expansion into Maryland by launching the firm’s Baltimore office. He is frequently called upon for national legal and business commentary on cybersecurity incidents, and has been featured or quoted in The American Lawyer, CBS News Baltimore (WJZ-TV), WBAL, Fox 45, and the Cyber Insurance Leaders podcast.

• Professional Involvement

Pollock is an active member of the Maryland State Bar Association, where he serves on the Cybersecurity Task Force, and the International Association of Privacy Professionals (IAPP). He is a prolific author and speaker, regularly presenting at industry programs including NetDiligence Cyber Risk Summits, IT Nation Connect and IT Nation Secure, the ABA TIPS Section Conference, the GTIA Cybersecurity Conference, and regional CPCU, AFP, and URMIA chapters nationwide. He has authored numerous articles on HIPAA compliance, ransomware defense, state privacy legislation, AI governance, and forensic report privilege, and delivers CLE programs through Quimbee, Celesq, HalfMoon Education, and CeriFi.

• Experience

With more than a decade of legal practice, Pollock has guided clients through ransomware attacks, business email compromises, cyber extortion events, vendor-caused breaches, and multi-state notification obligations, while defending them in regulatory investigations before state attorneys general, HHS OCR, and NYDFS. His practice spans the full lifecycle of cyber risk management — pre-breach readiness, incident response, forensic coordination, ransom negotiation strategy, notification compliance under state, federal, and international laws, and post-breach remediation and litigation defense. He also advises C-Suites and boards on enterprise-wide risk management, cyber insurance procurement and claims, vendor due diligence, and AI governance. Before joining McDonald Hopkins in 2022, Pollock practiced at Whiteford, Taylor & Preston and Niles, Barton & Wilmer, where he built a substantial civil trial practice with an 85% win rate as lead counsel in more than 50 jury trials.

Kelly Campbell, CIPP/US, Counsel | McDonald Hopkins LLC

Kelly Campbell is Counsel on McDonald Hopkins’ national Data Privacy and Cybersecurity team, based in the firm’s Baltimore office. She advises clients across a wide variety of industries on addressing data privacy and cybersecurity incidents in compliance with state, federal, and international laws, guiding them through investigation, messaging and public communications, breach notification obligations, post-breach response, and proactive pre-breach services designed to protect personal, sensitive, and confidential information.

• Education & Credentials

Campbell earned her Juris Doctor from the University of Baltimore School of Law, where she served as Editor-in-Chief of the University of Baltimore Law Review. She holds a Bachelor of Arts in Public Relations from the University of South Carolina. She is admitted to practice in Maryland and the District of Columbia, as well as before the U.S. District Court for the District of Maryland and the U.S. Court of Appeals for the Fourth Circuit. The International Association of Privacy Professionals (IAPP) recognizes Campbell as a Certified Information Privacy Professional (CIPP/US).

• Recognition & Leadership

Campbell was selected to the 2026 Maryland Super Lawyers Rising Stars list, and in 2024 she was named among the Living Classrooms Foundation’s Rising Stars by the Baltimore Business Journal, which recognizes accomplished young professionals making meaningful contributions to the Baltimore community. In 2022, she helped launch McDonald Hopkins’ new Baltimore office as a founding attorney of the firm’s Maryland presence, extending the national Data Privacy and Cybersecurity practice into the Baltimore–D.C. corridor.

• Professional Involvement

Campbell is an active member of the Maryland State Bar Association’s Young Lawyers Section, the Federal Bar Association, the Baltimore City Bar Association, and the IAPP. She is a frequent author and speaker on data privacy and cybersecurity topics, with recent presentations including “Cybersecurity for Solos – Defending Your Firm” (2025), “Legislative and Regulatory Update” at the Stronger Conference 2024, “Cyber & Privacy Headaches” at the Mid-Atlantic AFP Treasury and Financial Forum, “The Cyber Arms Race” at the URMIA Annual Conference, and “Insurance Data Security Model Laws” at the Big I Maryland Annual Conference. She has authored articles on California’s data breach notification law, MSP liability, Washington’s My Health My Data Act, and state-level ransomware legislation, and has been quoted in Privacy Daily on multi-state notification deadlines. She is passionate about providing equitable education and opportunities to students throughout her community.

• Experience

With experience spanning the full lifecycle of cyber incident response, Campbell has guided clients through ransomware attacks, business email compromises, vendor-caused breaches, and complex multi-state notification obligations under evolving state, federal, and international privacy regimes. Her pre-breach work includes policy development, vendor due diligence, employee training, and building incident response plans designed to minimize risk and strengthen compliance posture. In addition to her data privacy and cybersecurity practice, Campbell maintains an active complex commercial litigation practice, representing clients in state and federal courts. Before joining McDonald Hopkins in 2022, she practiced at Whiteford, Taylor & Preston LLP in Baltimore, where she began focusing on data security and cybersecurity matters and co-authored published guidance on ransomware and insider threats.

SESSION 1 – Current Threat Landscape and Cyber Insurance Navigation | 1:00pm – 1:30pm

Examine today’s evolving ransomware, business email compromise, and data breach threats alongside emerging legal issues, while learning how to evaluate cyber insurance policies, identify coverage gaps, and secure adequate protection for organizational clients.

SESSION 2 – Proactive Measures Before a Breach Occurs | 1:30pm – 2:00pm

Discover essential preventive strategies organizations must implement before a cyber-attack strikes, including enterprise-wide risk management frameworks, incident response planning, employee training protocols, and vendor management practices that minimize exposure and strengthen defenses.

BREAK | 2:00pm – 2:10pm

SESSION 3 – Avoiding Common Mistakes During Breach Response | 2:10pm – 2:40pm

Identify critical errors organizations frequently make when responding to active cyber incidents, and learn proven protocols for preserving privilege, coordinating with law enforcement, managing ransom negotiations, and meeting notification obligations under applicable state and federal regulations.

SESSION 4 – Remediation And Prevention of Future Breaches | 2:40pm – 3:10pm

Master post-incident remediation steps that transform breach experiences into stronger security postures, including forensic investigation protocols, system hardening, policy revisions, and long-term strategies designed to prevent recurring attacks and protect against future cyber threats.