A.I. and Cyber-Incident Response: The Latest Network Defenses, Monitoring and Countermeasures

With three decades of experience across law, government and consulting, Paul Luehr is a respected technology leader who has handled some of the largest data security and privacy incidents in history.
Throughout his career, Paul has been a trusted partner for organizations looking to optimize their privacy and data security practices. His work advising a wide range of clients—including national retailers, global financial institutions, digital health care organizations, web hosting companies, universities and manufacturers—gives him a unique understanding of the complex cybersecurity challenges and opportunities organizations face, as well as how to implement effective policies to mitigate crises and meet legal, technology and business needs. In the privacy arena, and drawing on his notable consulting and regulatory experience, Paul advises companies on the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), new U.S. state privacy laws, and Federal Trade Commission (FTC) regulations.
He draws on his roles as a regulator and litigator with the FTC, where he led the first cross-agency Internet team, and he provides a practical perspective on how to operationalize compliance obligations to clients across the nation. On the cybersecurity side, Paul is consistently recognized as a top incident response attorney, and he spent over a decade with a global consulting firm where he led security experts into some of the largest breaches on record. He also prosecuted major cybercrimes for the U.S. Department of Justice and has unique experience providing advice related to ransomware gangs, wire fraud and business email compromises (BECs), distributed denial of service (DDoS) attacks, credential stuffing, structured query language (SQL) injections, and other digital hacks. Over his career, Paul has managed complex digital forensics matters, led numerous investigations, argued cases at trial and on appeal, and represented clients before many regulators (e.g., HHS OCR, State Attorneys General, state Insurance Commissioners, the SEC, CISA and foreign data protection authorities (DPAs)). He has created robust compliance programs and frequently advised Board Directors and officers on new privacy and cybersecurity risks and obligations.
He also has broad experience addressing artificial intelligence (AI), including performing cyber due diligence on mergers involving robotics and medical devices, and addressing new AI uses in financial services.

Beth George leads the strategic risk and crisis management practice. Based out of Silicon Valley, Beth’s strategic risk practice focuses on the representation of companies preparing for and navigating the toughest situations, from cybersecurity breaches and internal investigations to bet-the-company regulatory inquiries and congressional investigations. Beth regularly advises boards of both private and public companies on risk management and governance, including through hosting table-top exercises to prepare for high-risk events, like cyberattacks.
Her practice has included representing a large company facing high-profile congressional investigations and litigation regarding its data security practices, investigating alleged nation state insider threats at a leading tech company, and advising a public company in a high-profile breach, which resulted in a Federal Bureau of Investigation (FBI) investigation and criminal charges. Beth has deep and wide-ranging expertise from her background working at senior levels across the U.S. federal government, Beth served as Acting General Counsel of the U.S. Department of Defense (DoD) during the beginning of the Biden-Harris administration, where she advised the Secretary of Defense on high stakes matters, including issues related to Iran, China, and the drawdown in Afghanistan.
From 2011 to 2016, Beth served in various roles for the National Security Division of the U.S. Department of Justice (DOJ), including as Counsel to the Assistant Attorney General, Counsel to the Office of Law & Policy, and as an Honors Attorney and Attorney-Adviser in the Office of Intelligence. On detail from the DOJ from 2015 to 2016, Beth served in the White House as Associate Counsel in the Office of the White House Counsel, where she provided legal and strategic advice to senior White House officials regarding high-profile oversight, investigation, and litigation matters. She also led responses for the office on cybersecurity and national security matters, including the response to the largest U.S. government data breach at the Office of Personnel Management. Before serving as Associate Counsel at the White House, Beth was a Professional Staff Member and Counsel to the U.S. Senate Select Committee on Intelligence from 2014 to 2015, also on detail from the DOJ. In this role, she was the sole attorney serving on the committee's bipartisan, end-to-end review of intelligence collection activities for all components of the U.S. intelligence community.
Beth has lectured at the UC Berkeley School of Law on surveillance law and technology, at Stanford University's law and international policy schools on cyber law and policy, and at Stanford Business School on cybersecurity for executives. She serves as a senior adjunct fellow for the New York University School of Law's Center for Law and Security and as an affiliate at Stanford University's Center for International Security and Cooperation (CISAC).

Jennifer A. Beckage, Esq., CIPP/US, CIPP/E is a former tech business owner, former public company executive over tech products, recognized for the last six years as one of the Top 50 Data Breach Lawyers in the US, a Best Lawyer in America?, multiple year recipient of SuperLawyer? designation for technology and litigation, and counsel to some of the globe’s largest organizations, brands, not-for-profits, celebrities, high-net-worth individuals, and Fortune 100 companies. As noted in a recent feature on her in SuperLawyers, Beckage's career trajectory is a testament to reinvention and innovation, which she leverages to help her clients also reinvent and innovate within their own organizations. Law firm founder Beckage focuses her law practice on innovation and technology, with a recognized focus on data security and privacy and incident response. Throughout her legal career, she has responded to numerous headline-making, national and international cybersecurity incidents and counseled organizations of all sizes. Beckage is a frequent contributor to the global conversation surrounding crisis response, speaking at several legal and cybersecurity industry events. She also is interviewed by global media on topics related to technology, crisis response, and data security. Beckage is a Certified Information Privacy Professional, United States (CIPP/US) and Certified Information Privacy Professional, Europe (CIPP/E). She also received MIT "Artificial Intelligence: Implications for Business Strategy" Certification in 2020. Prior to her legal career, Beckage owned and led technology companies, one of which she helped lead to the sale to a publicly traded company. That telecommunications company retained her as an executive overseeing cutting-edge technical products and services and operations.

Sean, a partner in the Portland office, serves as chair of the Constangy Cyber Team. His background includes almost 25 years of experience with data privacy and information security matters. He is a former cyber attorney for the U.S. Department of Justice where he served as the lead cyber attorney for the U.S. Attorney's Office in Oregon, and worked with the Computer Crime & Intellectual Property Section in Washington, D.C. During that time, he worked closely with the FBI, the Secret Service, and other federal agencies in prosecuting complex white collar and high-tech cybercrime. Sean was also honored twice with the Director’s Award, one of the highest awards bestowed upon Assistant U.S. Attorneys. He has been recognized for his leadership in the data privacy and cybersecurity space, having been named by the Cybersecurity Docket as one of the best and brightest data breach response lawyers in the United States. His credentials include being a Global Information Security Professional (GISP), a Certified Information Systems Security Professional (CISSP), and a Certified Information Privacy Professional for United States law (CIPP/US). In managing the national Constangy Cyber Team, Sean continues to manage responses to complex data breaches, and works with information security personnel and corporate executives in managing and mitigating cyber risk.