Incident Response Forum 2017

A Data Breach Response Conference for Legal and Compliance Professionals
**Tuesday, April 4, 2017, The Mayflower Hotel, Washington, D.C.**
Presented by Cybersecurity Docket


Incident Response Forum 2017 is the first conference of its kind. It is focused solely on the field of Incident Response – the work that begins after a data breach that has quickly become the fastest growing practice area at law firms and consulting firms – and is geared specifically for the legal and compliance professionals who have emerged as critical players during a data breach response.

This year’s conference will take place on Tuesday, April 4, 2017, in the elegant setting of the Mayflower Hotel in Washington, D.C.  Our stellar faculty of attorneys and experts specializing in data breach response will discuss the most important and timely data breach response topics, including:

  • Why legal professionals involved in an incident response must become the quarterback of all workflow and how to handle this important responsibility;
  • The legal and compliance aftermath of a data breach, including governmental investigations and litigation, as well as the almost endless list of potential civil liabilities after a cyber-attack;
  • In plain English, the kinds of artifacts, remnants and fragments available in the aftermath of a data breach, and how, armed with the information gathered during forensic analysis, legal and compliance professionals can manage efforts to detect additional attempts by the attacker to regain access and get closer towards containment of the attack;
  • The broad range of state and federal regulatory issues, tactics and strategies encountered during an incident response, especially managing regulatory interphase and law enforcement liaison;
  • A deep dive into three highly-specialized areas of incident response: (1)  retail companies (where PCI expertise is critical); (2) healthcare organizations (where HITECH ACT and HIPAA expertise is critical); and (3) financial institutions (where banking and securities expertise is critical);
  • What legal and compliance professionals need to know about the various tools and technical solutions used during an incident response, and why lawyers and compliance professionals need to participate in selecting those tools and technical solutions;
  • National security issues during incident response;
  • Best practices for handling the insurance issues arising after a data breach and current issues in the cyber insurance market, an area which legal and compliance professionals will need to understand during an incident response; and
  • Best practices for protecting the attorney-client privilege as it applies to the work product from digital forensic investigators and other consultants responding to a data breach.

Incident Response Forum 2017 provides an exciting and informative day of interactive panel sessions and keynote speeches to discuss how attorneys and other professionals can successfully and effectively manage an Incident Response engagement.  6 hours of CLE credit will also be available (approved in VA and PA).


Current Faculty and Speaker List for Incident Response Forum 2017:


  • Adam S. Hickey, Deputy Assistant Attorney General, National Security Division, U.S. Department of Justice

DOJ Faculty:

  • Stephen Reynolds, Deputy Chief for Cyber Law and Policy, National Security Division, U.S. Department of Justice

FBI Faculty

  • Ronald Yearwood, Section Chief of Cyber Operations III, FBI’s Cyber Division

FTC Faculty:

  • Maneesha Mithal, Associate Director, Federal Trade Commission’s Division of Privacy and Identity Protection

SEC Faculty:

  • Stephanie Avakian, Acting Director, SEC Division of Enforcement


  • J. Bradley Bennett, former Executive Vice President, Enforcement, FINRA
  • Steve Bunnell, Partner, O’Melveny & Myers LLP; former General Counsel of DHS and former Chief, Criminal Division, USAO (D.C.)
  • John P. Carlin, Partner, Morrison & Foerster LLP; former Asst. Attorney General for the DOJ’s National Security Division
  • Ken Davidson, Senior Director of Information Security and Compliance, HMSHost Corporation.
  • Luke Dembosky, Partner, Debevoise & Plimpton LLP; former Dep. Asst. Attorney General for the DOJ’s National Security Division
  • Benjamin Eason, CISO and Principal, The Carlyle Group
  • Maj. Gen. Charles J. Dunlap, Jr. (Ret.), Exec. Dir., Duke Law’s Center on Law, Ethics and National Security; retired Air Force Major General
  • David N. Fagan, Partner, Covington & Burling LLP
  • David R. Fontaine, Chief Executive Officer, Corporate Risk Holdings
  • Scott N. Godes, Partner, Barnes & Thornburg
  • Susan Hennessey, Fellow, National Security in Governance Studies, Brookings Institution; former Attorney, Office of General Counsel, NSA
  • Aaron Hughes, former Deputy Assistant Secretary of Defense for Cyber Policy, U.S. Department of Defense
  • Philip S. Khinda, Partner, Steptoe & Johnson LLP; former Senior Counsel, SEC Division of Enforcement
  • Theodore J. Kobus III, Partner, Baker & Hostetler LLP
  • Darren Lacey, CISO and Dir. of IT Compliance, Johns Hopkins Univ. and Johns Hopkins Medicine
  • David C. Lashway, Partner, Baker & McKenzie LLP
  • Mark Lohman, Senior Director, Information Security, W.W. Grainger, Inc.
  • Paul Luehr, Partner, Faegre Baker Daniels LLP; former FTC Assistant Director and DOJ Computer Crimes Prosecutor
  • Douglas H. Meal, Partner, Ropes & Gray
  • Edward R. McNicholas, Partner, Sidley Austin LLP; former Associate Counsel to President Clinton
  • Nicholas A. Oldham, Partner, King & Spalding; former Counsel for Cyber Investigations, DOJ’s National Security Division
  • Bret Padres, Chief Executive Officer, The Crypsis Group; former Special Agent, U.S. Air Force Office of Special Investigations and Chief of R&D, Computer Crimes Unit, U.S. Postal Service’s OIG
  • Kimberly Kiefer Peretti, Partner, Alston & Bird; former Senior Litigator, DOJ’s Computer Crime and Intellectual Property Section
  • Benjamin A. Powell, Partner, WilmerHale; former GC to the Director of National Intelligence, Office of the President of the United States
  • Erik Rasmussen, Managing Director, Kroll; former Special Agent, U.S. Secret Service
  • Justin L. Root, Of Counsel, Dickinson Wright PLLC; former Special Agent, Cyber Crimes Unit, Ohio AG’s Office
  • Anthony Scaramucci, Founder and Co-Managing Partner, SkyBridge Capital
  • Joe Segreti, Co-Founder, KoreLogic; former Security Officer, U.S. Securities and Exchange Commission
  • John Reed StarkPresident, John Reed Stark Consulting, LLC; former Founder and Chief, SEC Office of Internet Enforcement
  • Tara McGraw Swaminatha, Of Counsel, DLA Piper; former Trial Attorney, DOJ’s Computer Crime and Intellectual Property Section
  • Luke Tenery, Senior Managing Director, Ankura Consulting Group, LLC
  • Liisa M. Thomas, Partner, Winston & Strawn LLP

Please register here!


When: Tuesday, April 4, 2017
7:00 am - 8:00 am (breakfast & registration)
8:00 am - 5:00 pm (followed by cocktail party)
Where: Mayflower Hotel
1127 Connecticut Ave, NW
Washington, D.C. 20036
CLE Credit: 6.0 hours approved in PA and VA (and in NY/reciprocal states).


Links to materials available here.

CLE Info and Forms

SEF2014 CLE -smCLE forms available here.

Corporate Sponsors







Law Firm Sponsors









Ropes &Gray