Incident Response Forum 2018

A Data Breach Response Conference for Legal and Compliance Professionals
**Wednesday, April 18, 2018, The Mayflower Hotel, Washington, D.C.**
Presented by Cybersecurity Docket


Incident Response Forum 2018 is the only conference of its kind. It is focused solely on the field of Incident Response – the work that begins after a data breach that has quickly become the fastest growing practice area at law firms and consulting firms – and is geared specifically for the legal and compliance professionals who have emerged as critical players during the aftermath of a data security incident.

This year’s conference will take place on Wednesday, April 18, 2018, in the elegant setting of the Mayflower Hotel in Washington, D.C.  Our stellar faculty of current government cyber-prosecutors and cyber-investigators, attorneys and experts specializing in data breach response will discuss the most important and timely data breach response topics, including:

  • Why legal professionals involved in an incident response must become the quarterback of all workflow and how to handle this important responsibility;
  • The legal and compliance aftermath of a data breach, including governmental investigations and litigation, as well as the almost endless list of potential civil liabilities after a cyber-attack;
  • In plain English, the kinds of artifacts, remnants and fragments available in the aftermath of a data breach, and how, armed with the information gathered during forensic analysis, legal and compliance professionals can manage efforts to detect additional attempts by the attacker to regain access and get closer towards containment of the attack;
  • The broad range of state and federal regulatory issues, tactics and strategies encountered during an incident response, especially managing regulatory interphase and law enforcement liaison;
  • A deep dive into two highly-specialized areas of incident response: (1) retail companies (where PCI expertise is critical); and (2) financial institutions (where banking and securities expertise is critical);
  • What legal and compliance professionals need to know about the various tools and technical solutions used during an incident response, and why lawyers and compliance professionals need to participate in selecting those tools and technical solutions;
  • A detailed discussion of the nature of the international threat of cyber-attacks.  For legal and compliance professionals, understanding the international dynamic of cyber-threats is critical to represent adequately the interest of corporate clients – especially in the context of regulatory compliance; insurance claims; and privacy protections;
  • An analysis of the kinds of cyber concerns for Incident Response teams, which typically cross borders and are global in nature – mandating additional attention, expertise and oversight;
  • A discussion of the important and thoughtful preemptive measures companies should take to meet their compliance obligations and to help prepare themselves to respond., including preemptive steps that legal and compliance professionals should implement today to not only insure adequate preparation for the latest types of data breaches, but also to assure adequate compliance amid increasing regulatory scrutiny;
  • Best practices for handling the insurance issues arising after a data breach and current issues in the cyber insurance market, an area which legal and compliance professionals will need to understand during an incident response; and
  • Best practices for protecting the attorney-client privilege as it applies to the work product from digital forensic investigators and other consultants responding to a data breach.

Incident Response Forum 2018 provides an exciting and informative day of interactive panel sessions and keynote speeches to discuss how attorneys and other professionals can successfully and effectively manage an Incident Response engagement.  6 hours of CLE credit will also be available (applications pending).


Current Faculty and Speaker List for Incident Response Forum 2018:


  • John Lynch, Chief, Computer Crime and Intellectual Property Section, Criminal Division, U.S. Department of Justice

Air Force Faculty: 

  • Dr. Gary D. King, Deputy Chief, Cyber Security, Air Force Office of Special Investigations

DHS Faculty: 

  • Hayley Chang, Deputy General Counsel, U.S. Department of Homeland Security

DNI Faculty: 

  • Tonya Ugoretz, Director of the Cyber Threat Intelligence Integration Center, Office of the Director of National Intelligence

DOJ Faculty:

  • Scott Ferber, Counsel for Cyber Investigations, Department of Justice (National Security Division)

FINRA Faculty: 

  • David Kelley, Surveillance Director, FINRA

FTC Faculty:

  • Maneesha Mithal, Associate Director, Federal Trade Commission’s Division of Privacy and Identity Protection

NSC Faculty:

  • Jordan Rae Kelly, Director for Cybersecurity Policy, National Security Council

Ohio AG’s Office Faculty: 

  • Gregory A. Tapocsi, Director of CyberOhio/Senior Assistant AG – Consumer Protection, Office of Ohio AG

SEC Faculty:

  • Robert A. Cohen, Chief, Cyber Unit, SEC Division of Enforcement

Secret Service Faculty:

  • Matthew F. NoyesCyber Policy and Strategy Director, U.S. Secret Service


  • Jennifer C. Archie, Partner, Latham & Watkins LLP
  • Jennifer A. Coughlin, Founding Partner, Mullen Coughlin
  • Luke Dembosky, Partner, Debevoise & Plimpton LLP; former Dep. Asst. Attorney General for the DOJ’s National Security Division
  • Maj. Gen. Charles J. Dunlap, Jr. (Ret.), Exec. Dir., Duke Law’s Center on Law, Ethics and National Security; retired Air Force Major General
  • David N. Fagan, Partner, Covington & Burling LLP; co-chair of Cross-Border Investment and National Security Matters practice
  • David R. Fontaine, Chief Executive Officer, Kroll and its parent company, Corporate Risk Holdings
  • Hon. Louis J. Freeh, Founder and Chairman of Freeh Group International Solutions; former Director, FBI, and U.S. District Court Judge for the SDNY
  • Timothy A. Gallagher, Managing Director, Kroll; Former Special Agent in Charge, Newark, NJ Division, Federal Bureau of Investigation
  • Scott N. Godes, Partner, Barnes & Thornburg
  • Eric L. Goldstein, Associate, O’Melveny & Myers LLP; former Branch Chief, Partnerships and Engagement, DHS’s Office of Cybersecurity and Communications
  • Elizabeth P. Gray, Partner, Willkie Farr & Gallagher LLP; former Assistant Director, SEC Division of Enforcement, and Counsel to SEC Chairman Arthur Levitt
  • James A. Harvey, Partner, Alston & Bird LLP; co-chair of Cybersecurity Preparedness & Response Team.
  • David A. Hoffman, Associate General Counsel and Global Privacy Officer, Intel Corporation
  • John D. Kennedy, AVP and Risk Leader, Information Risk Management, Nationwide Insurance
  • Antony Kim, Partner, Orrick; Co-Chair of Cyber, Privacy & Data Innovation Practice
  • Darren Lacey, CISO and Dir. of IT Compliance, Johns Hopkins Univ. and Johns Hopkins Medicine
  • David C. Lashway, Partner, Baker & McKenzie LLP; leader, global Cybersecurity practice
  • Erez Liebermann, Vice President and Chief Counsel, Cybersecurity and Privacy, at Prudential Financial; Former Dep. Chief of Crim. Div. and Chief of Computer Hacking Section, U.S. Atty’s Office (N.J.)
  • Edward R. McNicholas, Partner, Sidley Austin LLP; former Associate Counsel to President Clinton
  • Jonathan E. Meyer, Partner, SheppardMullin; former Deputy General Counsel, U.S. Department of Homeland Security
  • Bret Padres, Chief Executive Officer, The Crypsis Group; former Special Agent, U.S. Air Force Office of Special Investigations and Chief of R&D, Computer Crimes Unit, U.S. Postal Service’s OIG
  • Dominic A. Paluzzi, Partner, McDonald Hopkins LLC; co-chair of Data Privacy and Cybersecurity Practice Group
  • Lydia Parnes, Partner, Wilson Sonsini Goodrich & Rosati; former Director of the Bureau of Consumer Protection at the Federal Trade Commission
  • Justin L. Root, Dickinson Wright PLLC;  Data Privacy and Cybersecurity  Co-Chair; former Sp. Dep. U.S. Marshal, FBI Cybercrime Taskforce; former SA Ohio BCI Cyber Crimes Unit
  • Jason N. SmolanoffSMD and Global Cyber Security Practice Leader, Kroll; former Supervisory Special Agent for the FBI’s Cyber National Security Squad
  • John Reed StarkPresident, John Reed Stark Consulting, LLC; former Founder and Chief, SEC Office of Internet Enforcement
  • Phyllis B. Sumner, Partner and Chief Privacy Officer, King & Spalding LLP; former AUSA, N.D. Ill. and N.D. Ga.
  • Heather Egan Sussman, Partner, Ropes & Gray LLP; co-head, Privacy and Cybersecurity Practice Group
  • Tara McGraw Swaminatha, Partner, Squire Patton Boggs; former Trial Attorney, DOJ’s Computer Crime and Intellectual Property Section
  • Luke Tenery, Senior Managing Director, Ankura Consulting Group; leader, national Cybersecurity practice
  • Jeff Ward, Director, Duke Center on Law & Technology and Associate Clinical Professor of Law

Please register here!


When: Wednesday, April 18, 2018
7:00 am - 8:15 am (breakfast & registration)
8:15 am - 5:00 pm (followed by cocktail party)
Where: Mayflower Hotel
1127 Connecticut Ave, NW
Washington, D.C. 20036
CLE Credit: 6.0 hours (approved in VA and PA)

CLE Info and Forms

SEF2014 CLE -smCLE forms available here.


Links to materials available here.

Corporate Sponsors


Ankura 230x60


Freeh Group 230


ACA Aponix 230

Academic Sponsor: Duke Law

Duke LENS 230

Law Firm Sponsors

Alston 230 v2








McDonald Hopkins 230


O'Melveny 230

Ropes &Gray

SheppardMullin 230


Willkie 230