July 6, 2022

Volume XII, Number 187


Paul Ferrillo

Paul Ferrillo focuses his practice on cybersecurity corporate governance issues, complex securities and business litigation, and internal investigations. He assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements which govern them.

Paul represents public companies and their directors and officers in shareholder class and derivative actions, as well as in internal investigations. In particular, he has coordinated numerous internal investigations on behalf of audit committees and special committees and handled the defense of securities class actions alleging accounting irregularities and/or financial fraud.

Paul represents clients across a wide range of industries, including retail, apparel, financial services, investment banking, private equity, hedge funds, energy, oil and gas, and real estate.

He is also the author of Navigating the Cybersecurity Storm: A Guide for Directors and Officers (Advisen 2015) and Co-Author of Take Back Control of Your Cybersecurity Now: Game Changing Concepts on AI and Cyber Governance Solutions for Executives (Advisen 2017).


  • Cybersecurity corporate governance and risk management
  • Cybersecurity regulatory compliance under applicable federal and state rules, regulations and guidance
  • Cybersecurity Incident response planning, response, and crisis communications
  • Securities class action and derivative action litigation and investigations
  • Directors’ and officers’ (D&O) liability insurance issues for companies, boards, private equity funds, and hedge funds
  • D&O coverage in the class action litigation, mediation, and settlement process
  • Cybersecurity third-party vendor due diligence issues
  • Artificial intelligence and machine learning



  • J.D., St. John's University School of Law, 1989
  • B.A., St. John's University, 1986


  • New York

Articles in the National Law Review database by Paul Ferrillo