Incident Response Forum 2020

March 10, 2020 Update

In light of global precautions for the COVID-19 Coronavirus, this year’s conference will be a virtual event, taking place online on Tuesday, April 14, 2020. Visit the new website and register for this virtual event here.

A Data Breach Response Conference for Legal and Compliance Professionals
**Tuesday, April 14, 2020**
Presented by Cybersecurity Docket


Incident Response Forum 2020 is the only conference of its kind. It is focused solely on the field of Incident Response – the work that begins after a data breach that has quickly become the fastest growing practice area at law firms and consulting firms – and is geared specifically for the legal and compliance professionals who have emerged as critical players during the aftermath of a data security incident.

This year’s conference will take place on Tuesday, April 14, 2020.  Our stellar faculty of current government cyber-prosecutors and cyber-investigators, attorneys and experts specializing in data breach response will discuss the most important and timely data breach response topics, including:

  • Why legal professionals involved in an incident response must become the quarterback of all workflow and how to handle this important responsibility;
  • The legal and compliance aftermath of a data breach, including governmental investigations and litigation, as well as the almost endless list of potential civil liabilities after a cyber-attack;
  • In plain English, the kinds of artifacts, remnants and fragments available in the aftermath of a data breach, and how, armed with the information gathered during forensic analysis, legal and compliance professionals can manage efforts to detect additional attempts by the attacker to regain access and get closer towards containment of the attack;
  • The broad range of state and federal regulatory issues, tactics and strategies encountered during an incident response, especially managing regulatory interphase and law enforcement liaison;
  • A deep dive into two highly-specialized areas of incident response: (1) retail companies (where PCI expertise is critical); and (2) financial institutions (where banking and securities expertise is critical);
  • What legal and compliance professionals need to know about the various tools and technical solutions used during an incident response, and why lawyers and compliance professionals need to participate in selecting those tools and technical solutions;
  • A detailed discussion of the nature of the international threat of cyber-attacks.  For legal and compliance professionals, understanding the international dynamic of cyber-threats is critical to represent adequately the interest of corporate clients – especially in the context of regulatory compliance; insurance claims; and privacy protections;
  • An analysis of the kinds of cyber concerns for Incident Response teams, which typically cross borders and are global in nature – mandating additional attention, expertise and oversight;
  • A discussion of the important and thoughtful preemptive measures companies should take to meet their compliance obligations and to help prepare themselves to respond., including preemptive steps that legal and compliance professionals should implement today to not only insure adequate preparation for the latest types of data breaches, but also to assure adequate compliance amid increasing regulatory scrutiny;
  • Best practices for handling the insurance issues arising after a data breach and current issues in the cyber insurance market, an area which legal and compliance professionals will need to understand during an incident response; and
  • Best practices for protecting the attorney-client privilege as it applies to the work product from digital forensic investigators and other consultants responding to a data breach.

Incident Response Forum 2020 provides an exciting and informative day of interactive panel sessions and keynote speeches to discuss how attorneys and other professionals can successfully and effectively manage an Incident Response engagement.  6 hours of CLE credit will also be available (pending in PA and reciprocal jurisdictions including NY, CA; pending in VA).



  • Justin Herring, Executive Deputy Superintendent, Cybersecurity Division, New York State Department of Financial Services

DHS Faculty: 

  • Ian Brekke (pending approval), Deputy General Counsel, U.S. Department of Homeland Security
  • H. “Lars” McCarter, Strategic Advisor, Threat Hunting, Cybersecurity and Infrastructure Security Agency (DHS); former Director Network Operations & Security Center, Coast Guard Cyber Command

DOJ Faculty:

  • Leonard Bailey, Special Counsel for National Security, Computer Crime and Intellectual Property Section, U.S. Dept. of Justice; Senior member, CCIPS’ Cybersecurity Unit

FBI Faculty:

  • Michael C. Sohn, Supervisory Special Agent, FBI Los Angeles Field Division

FTC Faculty:

  • James A. Trilling, Senior Attorney, Division of Privacy and Identity Protection, Federal Trade Commission

SEC Faculty:

  • Kristina Littman, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission

Secret Service Faculty:

  • Michael D’Ambrosio, Deputy Assistant Director for Cyber, Office of Investigations, U.S. Secret Service


  • Jennifer A. Beckage, Partner and Founder, Beckage PLLC
  • Allison J. Bender, Of Counsel, Wilson Sonsini Goodrich & Rosati; former Senior Cybersecurity Attorney, DHS’ Office of the General Counsel
  • Yudhijit Bhattacharjee, Author, ‘The Spy Who Couldn’t Spell: A Dyslexic Traitor, an Unbreakable Code, and the FBI’s Hunt for America’s Stolen Secrets’
  • Chris Cwalina, Partner and Global Co-Head of Data Protection, Privacy and Cybersecurity, Norton Rose Fulbright
  • Luke Dembosky, Partner, Debevoise & Plimpton LLP; former Dep. Asst. Attorney General for the DOJ’s National Security Division
  • Ashden Fein, Partner, Covington & Burling; former Division Chief and Senior Trial Attorney, Judge Advocate General’s Corps
  • Nicole Friedlander, Partner, Sullivan & Cromwell LLP; former AUSA, Southern District of New York, and Chief of Complex Frauds and Cybercrime Unit
  • Scott N. Godes, Partner, Barnes & Thornburg
  • Elizabeth P. Gray, Partner, Willkie Farr & Gallagher LLP; former Assistant Director, SEC Division of Enforcement, and Counsel to SEC Chairman Arthur Levitt
  • Sean B. Hoar, Partner and Chair of Data Privacy & Cybersecurity Practice, Lewis Brisbois; former Lead Cyber Attorney, U.S. Attorney’s Office for the District of Oregon
  • David A. Hoffman, Associate General Counsel and Global Privacy Officer, Intel Corporation
  • Jocelyn J. Hunter, Vice President and Deputy General Counsel, The Home Depot
  • Ken C. Joseph, Managing Director and Head of Disputes practice, Duff & Phelps; former Associate Director, U.S. Securities and Exchange Commission
  • Ali L. Karshan, Director and Associate General Counsel, Cyber, Compliance and Investigations Legal, Citigroup Inc.
  • Antony (Tony) Kim, Partner, Orrick; Co-Chair of Cyber, Privacy & Data Innovation practice
  • David C. Lashway, Partner, Baker & McKenzie LLP; leader, global Cybersecurity practice
  • Travis LeBlanc, Partner, Cooley LLP; former Chief, Federal Communications Commission’s Enforcement Bureau
  • Dominique Shelton Leipzig, Partner, Perkins Coie; Co-chair, Ad Tech Privacy & Data Management Group
  • Paul H. Luehr, Partner, Faegre Drinker Biddle & Reath LLP; former FTC Assistant Director and DOJ Computer Crimes Prosecutor
  • Scott Lindlaw, Managing Director, Sard Verbinnen & Co.
  • Edward R. McNicholas, Partner, Ropes & Gray; former Associate Counsel to President Clinton
  • Lisa O. Monaco, Partner, O’Melveny & Myers and  Co-Chair of Data Security and Privacy group; former Asst. to the President for Homeland Security and Counterterrorism and Asst. A.G. for National Security
  • Bret Padres, Chief Executive Officer, The Crypsis Group; former Special Agent, U.S. Air Force Office of Special Investigations and Chief of R&D, Computer Crimes Unit, U.S. Postal Service’s OIG
  • Kimberly Kiefer Peretti, Partner, Alston & Bird; former Senior Litigator, DOJ’s Computer Crime and Intellectual Property Section
  • Kari M. RollinsPartner, Sheppard Mullin
  • Jason N. Smolanoff, SMD and Global Cyber Security Practice Leader, Kroll; former Supervisory Special Agent for the FBI’s Cyber National Security Squad
  • John Reed Stark, President, John Reed Stark Consulting, LLC; former Founder and Chief, SEC Office of Internet Enforcement
  • Phyllis B. Sumner, Partner and Chief Privacy Officer, King & Spalding LLP; former AUSA, N.D. Ill. and N.D. Ga.
  • Heather Egan Sussman, Partner, Orrick; Global Co-chair of Cyber, Privacy & Data Innovation practice
  • Michael Sussmann, Partner, Perkins Coie; former Senior Counsel, DOJ’s Computer Crime & Intellectual Property Section, and AUSA, E.D. Va.
  • Luke Tenery, Senior Managing Director, Ankura Consulting Group; leader, national Cybersecurity practice
  • Serrin A. Turner, Partner, Latham & Watkins; former AUSA and lead cybercrime prosecutor, Southern District of New York
  • Gary Walker, Senior Vice President, Omnisystems and Security Representative, National Basketball Association; former Senior Special Agent U.S. Air Force and Deputy Director, Dept. of Homeland Security

Please register here!


When: Tuesday, April 14, 2020
8:15 am - 5:00 pm (followed by announcement of "IR 30")
Where: Virtual (online only)
CLE Credit:
6.0 hours (pending in PA and reciprocal jurisdictions including NY, CA; pending in VA)

Corporate Sponsors

Kroll 230 2019

Ankura 230x60

Crypsis 230 2020

Intel 230


Sard 230 2020 UGT 230

Law Firm Sponsors

Orrick 230 v2

Alston 230 v2



Beckage 230


Covington2018 230


Faegre Drinker 230



Lewis Brisbois 230

Norton Rose 230

O'Melveny 230


Ropes &Gray

SheppardMullin 230

Willkie 230

Wilson Sonsini 230 2020


Links to materials available here.