Incident Response Forum 2019

A Data Breach Response Conference for Legal and Compliance Professionals
**Wednesday, April 10, 2019, The Mandarin Oriental, Washington, D.C.**
Presented by Cybersecurity Docket


Incident Response Forum 2019 is the only conference of its kind. It is focused solely on the field of Incident Response – the work that begins after a data breach that has quickly become the fastest growing practice area at law firms and consulting firms – and is geared specifically for the legal and compliance professionals who have emerged as critical players during the aftermath of a data security incident.

This year’s conference will take place on Wednesday, April 10, 2019, in the elegant setting of the Mandarin Oriental in Washington, D.C.  Our stellar faculty of current government cyber-prosecutors and cyber-investigators, attorneys and experts specializing in data breach response will discuss the most important and timely data breach response topics, including:

  • Why legal professionals involved in an incident response must become the quarterback of all workflow and how to handle this important responsibility;
  • The legal and compliance aftermath of a data breach, including governmental investigations and litigation, as well as the almost endless list of potential civil liabilities after a cyber-attack;
  • In plain English, the kinds of artifacts, remnants and fragments available in the aftermath of a data breach, and how, armed with the information gathered during forensic analysis, legal and compliance professionals can manage efforts to detect additional attempts by the attacker to regain access and get closer towards containment of the attack;
  • The broad range of state and federal regulatory issues, tactics and strategies encountered during an incident response, especially managing regulatory interphase and law enforcement liaison;
  • A deep dive into two highly-specialized areas of incident response: (1) retail companies (where PCI expertise is critical); and (2) financial institutions (where banking and securities expertise is critical);
  • What legal and compliance professionals need to know about the various tools and technical solutions used during an incident response, and why lawyers and compliance professionals need to participate in selecting those tools and technical solutions;
  • A detailed discussion of the nature of the international threat of cyber-attacks.  For legal and compliance professionals, understanding the international dynamic of cyber-threats is critical to represent adequately the interest of corporate clients – especially in the context of regulatory compliance; insurance claims; and privacy protections;
  • An analysis of the kinds of cyber concerns for Incident Response teams, which typically cross borders and are global in nature – mandating additional attention, expertise and oversight;
  • A discussion of the important and thoughtful preemptive measures companies should take to meet their compliance obligations and to help prepare themselves to respond., including preemptive steps that legal and compliance professionals should implement today to not only insure adequate preparation for the latest types of data breaches, but also to assure adequate compliance amid increasing regulatory scrutiny;
  • Best practices for handling the insurance issues arising after a data breach and current issues in the cyber insurance market, an area which legal and compliance professionals will need to understand during an incident response; and
  • Best practices for protecting the attorney-client privilege as it applies to the work product from digital forensic investigators and other consultants responding to a data breach.

Incident Response Forum 2019 provides an exciting and informative day of interactive panel sessions and keynote speeches to discuss how attorneys and other professionals can successfully and effectively manage an Incident Response engagement.  6 hours of CLE credit will also be available (approved in PA).


Current Faculty and Speaker List for Incident Response Forum 2019:


  • John Demers, Assistant Attorney General, Department of Justice (National Security Division)

DHS Faculty:

  • Hayley Chang, Deputy General Counsel, U.S. Department of Homeland Security.

DOJ Faculty:

  • Leonard Bailey, Special Counsel for National Security, DOJ’s Computer Crime and Intellectual Property Section; Senior member, CCIPS’ Cybersecurity Unit

FBI Faculty:

  • Eric D. Welling, Deputy Assistant Director, FBI’s Cyber Operations Branch

FTC Faculty:

  • Mark Eichorn, Assistant Director, Federal Trade Commission’s Division of Privacy and Identity Protection

NSC Faculty:

  • Michael O. Halas, Director for Government Cybersecurity, National Security Council, White House

PCAOB Faculty: 

  • Kathleen M. Hamm, Board Member, Public Company Accounting Oversight Board

SEC Faculty:

  • Deborah Tarasevich, Assistant Director and Member of Cyber Unit, SEC’s Division of Enforcement


  • Richard Batchelder, Partner, Ropes & Gray
  • Jennifer A. Beckage, Partner and Founder, Beckage PLLC
  • William A. Boeck, Senior Vice President and Insurance and Claims Counsel, Lockton Financial Services
  • Steve Bunnell, Partner, O’Melveny & Myers LLP; former General Counsel of DHS and former Chief, Criminal Division, USAO (D.C.)
  • Chris Cwalina, Partner and Global Co-Head of Data Protection, Privacy and Cybersecurity, Norton Rose Fulbright
  • Luke Dembosky, Partner, Debevoise & Plimpton LLP; former Dep. Asst. Attorney General for the DOJ’s National Security Division
  • Benedetto Demonte, Managing Director and North America leader of Cyber Risk Practice, Kroll; former Senior Forensic Examiner, Federal Bureau of Investigation
  • Maj. Gen. Charles J. Dunlap, Jr. (Ret.), Exec. Dir., Duke Law’s Center on Law, Ethics and National Security; retired Air Force Major General
  • Ashden Fein, Partner, Covington & Burling; former Division Chief and Senior Trial Attorney, Judge Advocate General’s Corps
  • Beth George, Partner, Wilson Sonsini Goodrich & Rosati
  • Scott N. Godes, Partner, Barnes & Thornburg
  • Elizabeth P. Gray, Partner, Willkie Farr & Gallagher LLP; former Assistant Director, SEC Division of Enforcement, and Counsel to SEC Chairman Arthur Levitt
  • Sean B. Hoar, Partner and Chair of Data Privacy & Cybersecurity Practice, Lewis Brisbois; former Lead Cyber Attorney, U.S. Attorney’s Office for the District of Oregon
  • David A. Hoffman, Associate General Counsel and Global Privacy Officer, Intel Corporation
  • Aaron Hughes, VP for Information Security and Deputy CISO, Capital One; former Deputy Asst. Secretary of Defense for Cyber Policy, DOJ
  • Jordan Rae Kelly, Senior Managing Director, FTI Consulting; former Director for Cybersecurity Policy, National Security Council
  • Antony (Tony) Kim, Partner, Orrick; Co-Chair of Cyber, Privacy & Data Innovation practice
  • David C. Lashway, Partner, Baker & McKenzie LLP; leader, global Cybersecurity practice
  • Travis LeBlanc, Partner, Cooley LLP; former Chief, Federal Communications Commission’s Enforcement Bureau
  • Scott Lindlaw, Managing Director, Sard Verbinnen & Co.
  • Paul H. Luehr, Partner, Faegre Baker Daniels LLP; former FTC Assistant Director and DOJ Computer Crimes Prosecutor
  • Edward R. McNicholas, Partner, Sidley Austin LLP; former Associate Counsel to President Clinton
  • Doug Meal, Partner, Orrick; Chair, Cyber & Privacy Litigation and Enforcement Practice
  • Bret Padres, Chief Executive Officer, The Crypsis Group; former Special Agent, U.S. Air Force Office of Special Investigations and Chief of R&D, Computer Crimes Unit, U.S. Postal Service’s OIG
  • Andrew S. Pak, VP and Corporate Counsel, Cybersecurity and Privacy, Prudential Financial; Former Senior Counsel, CCIPS, Department of Justice
  • Kimberly Kiefer Peretti, Partner, Alston & Bird; former Senior Litigator, DOJ’s Computer Crime and Intellectual Property Section
  • Kari M. Rollins, Partner, Sheppard Mullin
  • Jason N. SmolanoffSMD and Global Cyber Security Practice Leader, Kroll; former Supervisory Special Agent for the FBI’s Cyber National Security Squad
  • John Reed StarkPresident, John Reed Stark Consulting, LLC; former Founder and Chief, SEC Office of Internet Enforcement
  • Phyllis B. Sumner, Partner and Chief Privacy Officer, King & Spalding LLP; former AUSA, N.D. Ill. and N.D. Ga.
  • Luke Tenery, Senior Managing Director, Ankura Consulting Group; leader, national Cybersecurity practice
  • Serrin A. Turner, Partner, Latham & Watkins; former AUSA and lead cybercrime prosecutor, Southern District of New York

Please register here!


When: Wednesday, April 10, 2019
7:00 am - 8:15 am (breakfast & registration)
8:15 am - 5:00 pm (followed by cocktail party)
Where: Mandarin Oriental
1330 Maryland Avenue, SW
Washington, D.C. 20024
CLE Credit: 6.0 hours (approved in PA)


Links to materials available here.

CLE Info and Forms

SEF2014 CLE -smCLE forms available here.

Corporate Sponsors

Kroll 230 2019

Ankura 230x60


FTI Cyber 230

Intel 230


Sard Verbinnen 230

Academic Sponsor: Duke Law

Duke LENS 230

Law Firm Sponsors

Alston 230 v2



Beckage 230


Covington2018 230


Faegre 230



Lewis Brisbois 230

Norton Rose 230

O'Melveny 230

Orrick 230 v2

Ropes &Gray

SheppardMullin 230


Willkie 230