Nathan Salminen

Nathan Salminen helps clients evaluate and manage cybersecurity risks in the contexts of security incidents, security program development, commercial agreements and mergers. Nathan's combination of technical, legal, and business experience enables him to understand, explain, assess, and mitigate data security risks that span those areas.

Nathan helps clients navigate the chaotic stream of legal, reputational and technical issues that arise following the discovery of a potential security incident.  He also advises clients on mitigating the risks that such an incident will occur by working with companies to assess the compliance of their security program with legal obligations and industry standards, and by helping clients assess the privacy and data security risks associated with commercial relationships by developing robust contractual terms and assessing cybersecurity risks associated with mergers.  Nathan has helped guide many prominent companies through some of the largest security incidents, and some of the commercial matters with the most complex security aspects, that have arisen in recent years.

Before becoming a lawyer, Nathan worked as a software engineer and manager of technical teams for 13 years, and he recently updated and focused his technical knowledge by completing one of the most technically demanding penetration testing and ethical hacking certifications: the Offensive Security Certified Professional (OSCP). Nathan's technical background allows him to assess the technical implications of legal issues and the legal implications of technical issues.

Nathan also helps clients meet their privacy, data protection, and data security obligations under the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Payment Card Industry Data Security Standard (PCI DSS).