Faculty: John Reed Stark

Stark2016-150John Reed Stark is President of John Reed Stark Consulting LLC.

Over the last 20 years, Mr. Stark’s name has become synonymous with cybersecurity, cyber incident response and digital regulatory compliance. As President of John Reed Stark Consulting LLC, Mr. Stark’s work emphasizes quarterbacking teams of attorneys and other experts in data breach, cyber-incident response, digital forensics, security science, cyber risk management and investigations for financial institutions as well as public and private companies, law firms and government agencies. Mr. Stark’s experience with intrusions and data breach touches upon all aspects of cyber-incident response, especially during early phases of crisis management, forensic analysis, malware reverse engineering, law enforcement/regulatory liaison and containment, as well as the later phases of data-review, remediation and any requisite disclosure and reporting.

Mr. Stark has handled incident response matters involving all types of cyber attacks, including attacks involving Advanced Persistent Threat, SQL Injections, phishing schemes, denial of service (DOS) and unpatched software. He has also managed cyber attacks orchestrated by internal threats within a company as well as attacks coordinated by so called “bad leavers,” disgruntled employees who “leave” a company on “bad” terms and cause deliberate harm before or after they exit, typically in clandestine fashion.  Under Mr. Stark’s 11-year tenure as Founder and Chief of the SEC’s Office of Internet Enforcement, Mr. Stark led a broad range of substantial and pioneering SEC enforcement actions.

Mr. Stark has also served as an expert in engagements pertaining to technological aspects of investigations, prosecutions and enforcement matters conducted by the SEC, US DOJ and FINRA and aids in structuring and running corporate compliance projects for broker-dealers, investment advisers and other SEC-regulated entities. Mr. Stark also provides neutral expert testimony in the realm of securities regulation on behalf of individuals, entities and government agencies, including in opposition to, and on behalf of, the U.S. Securities Exchange Commission and other government agencies.

As a former Managing Director and Washington, D.C. office head at an international digital risk management firm, Mr. Stark offers an unusual breadth of experience in the realm of technology-related law enforcement and regulation, in cyber-incident response and digital risk management, and in leading all varieties of technology-related crisis management. In addition to authoring several dozen articles along those lines, he has been a frequent guest commentator in the national media on cybersecurity, securities regulation and other related areas.

Mr. Stark also served for 15 years as an adjunct professor at Georgetown University Law School, where he taught a course on law/regulation/cybercrime and technology. Mr. Stark has also taught a range of in-service sessions on cybercrime at the FBI Academy in Quantico, Virginia, and serves as Co-Chair of the American Bar Association Subcommittee on Securities Law and the Internet.

Comments are closed.


When: Tuesday, April 14, 2020
8:15 am - 5:00 pm (followed by announcement of "IR 30")
Where: Virtual (online only)
CLE Credit:
6.0+ hours (details here)

Corporate Sponsors

Kroll 230 2019

Ankura 230x60

Crypsis 230 2020

Intel 230


Sard 230 2020 UGT 230

Law Firm Sponsors

Orrick 230 v2

Alston 230 v2



Beckage 230


Covington2018 230


Faegre Drinker 230



Lewis Brisbois 230

Norton Rose 230

O'Melveny 230


Ropes &Gray

SheppardMullin 230

Willkie 230

Wilson Sonsini 230 2020


Links to materials available here.