Richard Borden

Richard M. Borden


Richard M. Borden


  • Overview


    Rick Borden focuses his practice on three core intersecting areas: big data governance and the Internet of Things, cybersecurity risk management, and technology sourcing and transactions.

    Before joining the firm, Mr. Borden served as the chief privacy officer and chief information security and privacy counsel of Depository Trust & Clearing Corporation (DTCC). He also acted as the general counsel of Soltra, the DTCC and Financial Services – Information Sharing and Analysis Center (FS-ISAC) - automated threat-sharing joint venture. During his tenure, Mr. Borden focused much of his outreach on alerting the business community to the risks and vulnerabilities in the cyber network.

    Prior to joining DTCC, Mr. Borden was senior vice president and assistant general counsel at Bank of America, where he was responsible for cybersecurity, privacy issues, general technology, commercial contracting, outsourcing, licensing, data, and intellectual property for the bank and broker-dealer.

    Prior to joining Bank of America, Mr. Borden was an assistant general counsel at The Hartford, where he managed the 7 lawyers Technology Law Group that was responsible for all sourcing and technology contracts as well as intellectual property matters, including development of the patent department.

    Prior to joining The Hartford, Mr. Borden was counsel at Brown Raysman Millstein Felder & Steiner, specializing in venture capital and private equity funded companies, and general counsel at Paradigm4, a private equity funded wireless data and systems integration company.

    As one of the leading corporate Cybersecurity attorneys in the nation, Mr. Borden has taught university law school courses on information governance, cyber warfare and cybersecurity, including at the University of Connecticut School of Law, Benjamin Cardozo School of Law in New York, and Rutgers Law School in New Jersey.

    Mr. Borden also is an inventor. He holds two patents covering insurance processing systems and methods for using mobile devices for medical monitoring application (US9224171B2, and US8510133B2) and one patent covering systems and methods for managing an emergency situation (US9349366B2).

    Big Data Governance and the Internet of Things (IoT)

    The Internet of Things (IoT) and the ever-expanding breadth of big data involve an entire value chain of hardware, software, and services—and legal risk and compliance concerns. Mr. Borden is at the forefront of advising clients who have deployed data-driven technologies across their enterprises, including the use of smart sensors and machine-to-machine and machine-to-human communications. He advises on the following:

    • data protection compliance programs, audits, and responses to government compliance reviews
    • privacy policies, documentation, and procedures as well as privacy impact assessments
    • data sharing, including exploitation of big data
    • collection and use of employee and consumer personal data, including export of personal data to countries outside the European Economic Area
    • financial services and critical infrastructure matters
    • bring your own device (BYOD) and mobile computing policies
    • mobile payments
    • privacy and data protection legal analysis, compliance counseling, and cross-border data movement

    Cybersecurity and Privacy Risk Management

    Mr. Borden is a leading voice in the science of analyzing data workflows to identify risk areas from the perspectives of process, policy, and technological controls. He has worked across IT and legal to articulate risk and drive the development of a universal mitigation strategy in alignment with his clients' overall risk management tolerances.

    Mr. Borden assists clients to reform operational activities to mitigate and control the risks posed by processes, people, systems and events, including advising on cyber and privacy policies, best practices, reporting, auditing, and review. In particular, he is well versed in these areas:

    • novel cyber and privacy risk information aggregation and reporting frameworks for C-suite and boards of directors evaluations
    • regulatory investigations and compliance counseling
    • cybercrime and data breach insurance policies and claims
    • cross border data movement analysis and compliance
    • disclosing of data to law enforcement authorities
    • corporate risk management and reporting
    • payment card association, post-breach penalties and audits
    • virtual insurance companies

    Technology Sourcing and Transactions

    Mr. Borden has extensive and unique experience representing clients in drafting and negotiating long-term, collaborative deals to develop and commercialize innovation.

    This experience includes software development agreements, IT platform agreements, outsourcing agreements (including business process outsourcing, supply chain, manufacturing, and IT), implementation and integration agreements, and managed services. Specifically, he focuses on the following:

    • Software as a Service (SaaS) and cloud contracting
    • master services agreements
    • joint ventures and strategic alliances
    • dispute avoidance and dispute resolutions relating to IT/Outsourcing relationships
    • cyber forensics and legal issues associated with blockchain, encryption, and cryptography
  • Experience
    • Experience


      • Served as the first lawyer on a multi-national bank’s Cyber Forensics team, which works to protect the company from cybersecurity threats and minimize harm from any attacks.

      • Handled cybersecurity, privacy issues, and intellectual property matters for a multi-national bank.

      • Teaches law school courses on information governance, cyber warfare and cybersecurity.

      • Developed cybersecurity policies, training, awareness, monitoring and testing for a financial services corporation.

      • Restructured privacy department for a major corporation.

      • Negotiated Cloud Computing agreement and numerous Software as a Service agreements which addressed privacy, data security and service for an investment and insurance company.

      • Regularly advises on transactional intellectual property, such as the impact on ownership of hardware and software in corporate purchases.


    • Professional Associations

      Professional Associations

      RANE Network
      Senior Advisor, Privacy and Information Protection

      International Association of Privacy Professionals
      Certified Information Privacy Professional
    • Honors + Awards

      Honors + Awards

      2017 JD Supra Readers' Choice Awards Top Author on the subject of Cybersecurity

    • Community Involvement

      Community Involvement

      Benjamin N. Cardozo School of Law
      Adjunct Professor of Law, Information Governance (2015 - present)

      Rutgers Law School
      Adjunct Professor of Law, Cyber Warfare and Cybersecurity (2016)

      University of Connecticut School of Law
      Adjunct Professor of Law, Information Governance (2016)
    • Publications


      "A New Focus on Law Firm Cybersecurity," contributor to article, published in the Midsize Law Firms Blog of the Legal Executive Institute (1/11/2017)
      • » more info
      • View article

      "The Cyber Regulation Drops," published on LinkedIn (9/23/2016)
      • » more info
      • View article

      "The End of the (Cyber) World As We Know It?" published in The Huffington Post, co-authored with Daniel Garrie, managing director at Law and Forensics, and Yoav M. Griver, a partner at Zeichner Ellman & Krause LLP (9/23/2016)
      • » more info
      • View article

      "Modernizing Vendor Risk Management in Financial Services," published in Law360 (7/25/2016)
      • » more info
      • View article

      "Putting Out A Cyber Fire: 7 Rules For Hospitals," published in Law360, co-authored with Daniel Garrie, executive managing partner of Law & Forensics LLC (7/15/2016)
      • » more info
      • View article

      "Burning Down the House: Why is a Cyber Attack Different from a Fire Under the Law?" published in The Huffington Post, co-authored with Daniel B. Garrie, adjunct professor of law at Cardozo Law (6/9/2016)
      • » more info
      • View article

    • Presentations


      "NYS Cybersecurity Regulation: What Boards, the C-Suite, and GCs Need to Know about Complying with the NY Department of Financial Services Cybersecurity Regulation," co-presented with Andrea Donovan Napp and Linn F. Freedman, at Robinson+Cole's New York City office (2/27/2017)
      • » more info

      "What is a Cybersecurity Attorney and Why Should You Have One?" Webinar, Clear Law Institute (February 2017)
      • » more info

      "Developing Cybersecurity Strategies and Best Practices for the Acquisition Supply Chain," at the 2017 Cybersecurity Acquisition Supply Chain Workshop, sponsored by American Council for Technology-Industry Advisory Council in Washington, DC (2/8/2017)
      • » more info

      "How Can Companies Respond to Cyber Attacks by State Actors," in West LegalEdcenter webcast (2/7/2017)
      • » more info

      "The Endpoints," panelist, at the Chief Information Security Officer (CISO) Executive Network's Roundtable Breakfast Series at Robinson+Cole's Hartford office (1/31/2017)
      • » more info

      "Surveilling the Future," moderator, at the Connecticut Law Review's annual symposium Privacy, Security, and Power: The State of Digital Surveillance at the University of Connecticut School of Law in Hartford (1/27/2017)
      • » more info

      "Peeling Back the Layers of the Cyber Regulation," co-presented with Chip Block of Evolver, webinar (12/16/2016)
      • » more info

      "Data Security & the Role of the Retirement Fiduciary," co-presented with Tyler Polk of Fiduciary Investment Advisors and Ryan Rodrique of Wolf & Company, webinar (12/15/2016)
      • » more info

      "The World of Digital Currency for Investigators," at event in New York City sponsored by the Society of Professional Investigators (11/17/2016)
      • » more info

      "Mapping the Threat Landscape: Targeting the Enterprise Response," at the Journal of Law and Cyber Warfare Conference 2016, held at the Cardozo Law School in New York City (11/3/2016)
      • » more info

      "The First Step Is a Two Step: Information Governance and Cyber Risk Assessment," co-presented with Chip Block, vice president of Evolver, webinar (11/2/2016)
      • » more info

      "New York DFS Cyber Regulation," co-presented with Chip Block, vice president of Evolver (10/6/2016)
      • » more info

      "The Business of Securing Things," co-presented with Chip Block, vice president of Evolver Inc.; Craig Spiezle, founder and executive director of Online Trust Alliance; and Jeff Kaplan, founder and managing director of ThinkStrategies, at the Security of Things Forum in Cambridge, Massachusetts (9/22/2016)
      • » more info

      "Payments in focus, how can the payments revolution be supported by cloud applications to embrace the Fintech snowball," co-presented with Yonas Yohannes of Western Alliance Bancorp, Wayne Mekjian of Wells Fargo, Mark Peacock of Archstone Consulting, Sanjeev Mohan of RMS, and Balan Raman of Visa Inc, at Cloud Financial Services Conference USA (6/20/2016)
      • » more info

      "Defending against the external threat – trump the hackers by utilizing cloud security solutions to protect precious data," co-presented with Felix Candelario of Amazon Web Services, and a senior representative from Intel, at Cloud Financial Services Conference USA (6/21/2016)
      • » more info

    • News

      R+C in the News

      • March 23, 2017

        Rick Borden Co-authors LEI Article on New York DFS Cybersecurity Regulation

        • » more info
      • March 13, 2017

        Data Privacy and Cybersecurity Team Lawyers Speak About NYS Cybersecurity Regulation

        • » more info
      • March 10, 2017

        New Webinar Addresses How Cybersecurity Lawyers Can Help Companies

        • » more info
      • February 23, 2017

        Rick Borden Speaks on Keeping Companies Safe from Cyber Incidents

        • » more info
      • February 14, 2017

        Rick Borden Hosts CISO Executive Network Roundtable Breakfast

        • » more info
      • February 6, 2017

        Rick Borden Contributes to LEI Article on Law Firm Cybersecurity

        • » more info
      • January 30, 2017

        Rick Borden Moderates Program at Connecticut Law Review Privacy, Security, and Power Symposium

        • » more info
      • December 21, 2016

        Rick Borden Co-Presents Webinars on Data Security for Retirement Fiduciaries and Proposed Cyber Regulation Regarding Vendors

        • » more info
      • November 18, 2016

        Rick Borden Presents at SPI Event on Digital Currencies

        • » more info
      • November 8, 2016

        Rick Borden Presents on Cyber Preparedness and Cyber Warfare

        • » more info
      • October 24, 2016

        Rick Borden Presents on Cyber Regulations for Business Executives

        • » more info
      • October 17, 2016

        Rick Borden Publishes Articles on Cyber Regulations

        • » more info
      • October 7, 2016

        Rick Borden Participates in Security of Things Forum

        • » more info
      • August 2, 2016

        Rick Borden Writes Article on Vendor Risk Management for Law360

        • » more info
      • July 21, 2016

        Rick Borden Co-authors Article on How Hospitals Can Extinguish a Cyber Fire

        • » more info
      • June 24, 2016

        Richard Borden Presents at Cloud Financial Services Conference USA

        • » more info
      • June 17, 2016

        Rick Borden Writes Article on Cyber Attacks for Huffington Post

        • » more info

      R+C News Releases

      • June 21, 2016

        Robinson+Cole Welcomes Thirteen New Lawyers

        • » more info
        • View article
      • May 5, 2016

        Former Senior Vice President and Assistant General Counsel of Bank of America Joins Robinson+Cole’s Data Privacy + Security Team

        • » more info
        • View article