States of Play - Preparing for LockBit, Scattered Spider and Other New Ransomware Variants

Kim Peretti is co-leader of the Privacy, Cyber & Data Strategy Team and National Security & Digital Crimes Team. Kim is the former director of PwC’s cyber forensic services group and, as a former senior litigator for the DOJ’s Computer Crime and Intellectual Property Section, led benchmark cybercrime cases, including the prosecution of TJX hacker Albert Gonzalez. Kim’s background as a 20 year information-security professional enhances her practice in managing technical cyber investigations, assisting clients with data-security-related regulatory inquiries, and advising boards and senior executives in cybersecurity and risk matters. She services clients in matters of privacy, national security process and requests, and payment systems compliance and risk mitigation. Kim is a Certified Information Systems Security Professional. Kim serves on the U.S. Secret Service’s Cyber Investigation Board. In 2020, Kim co-founded Alston & Bird’s Women in Cyber NetworkTM.

Kim has been recognized as a leader in her practice area by publications such as Chambers USA, Chambers Global, The Legal 500, The Best Lawyers in America?, Cybersecurity Docket, and BTI Consulting Group. According to Chambers, Kim provides “an extremely high level of client service” where she is ranked Band 1 for Privacy & Data Security: Incident Response. She was featured on CNN Declassified for the benchmark prosecution of the global carding organization Shadowcrew.

Sean, a partner in the Portland office, serves as chair of the Constangy Cyber Team. His background includes almost 25 years of experience with data privacy and information security matters. He is a former cyber attorney for the U.S. Department of Justice where he served as the lead cyber attorney for the U.S. Attorney's Office in Oregon, and worked with the Computer Crime & Intellectual Property Section in Washington, D.C. During that time, he worked closely with the FBI, the Secret Service, and other federal agencies in prosecuting complex white collar and high-tech cybercrime. Sean was also honored twice with the Director’s Award, one of the highest awards bestowed upon Assistant U.S. Attorneys. He has been recognized for his leadership in the data privacy and cybersecurity space, having been named by the Cybersecurity Docket as one of the best and brightest data breach response lawyers in the United States. His credentials include being a Global Information Security Professional (GISP), a Certified Information Systems Security Professional (CISSP), and a Certified Information Privacy Professional for United States law (CIPP/US). In managing the national Constangy Cyber Team, Sean continues to manage responses to complex data breaches, and works with information security personnel and corporate executives in managing and mitigating cyber risk.

Daron Hartvigsen, a Managing Director with StoneTurn, is a cyber threat response and pursuit expert that brings nearly 30 years of related experience in commercial, U.S. intelligence, counterintelligence, and law enforcement.

Daron currently helps lead StoneTurn’s cybersecurity practice and delivers cybersecurity solutions for clients in the financial services, healthcare, insurance, privacy, social media, and manufacturing industries. He has recent experience with major social media services, content delivery platforms, virtual asset service providers, and other emerging technology ecosystems. Additionally, he advises on complex risk challenges to personally identifiable information including activity tracking forensics and API misuse impacting subscriber information. Daron’s threat intelligence forward approach has resulted in his building threat analysis and pursuit capabilities that integrate and inform cyber investigations by assembling technical, open source, and dark-web data into actionable information. As such, he routinely oversees investigations into activity that traverses major social media ecosystems, virtual asset service providers, and threat actor infrastructure.

Earlier in his career, Daron held several positions with the Air Force Office of Special Investigations (AFOSI). While serving as the Special Agent in Charge of the AFOSI, Cyber Investigations and Operations unit located at Joint Base Andrews Maryland, Daron led global counter-threat investigations, pursuit and effects operations, network traffic surveillance, cyber intelligence analytics, intrusion response, sophisticated counterintelligence activities, and he oversaw a cadre of digital media forensics experts. Daron also partnered with federal agencies, state and local authorities, multiple social media service security teams, and commercial businesses to counter sophisticated criminal and nation-state threats. Additionally, Daron served as AFOSI’s command cyber program manager and cyber investigations and operations subject matter expert while stationed at AFOSI Headquarters in Quantico, VA. During this time, Daron led the transformation of AFOSI’s legacy cyber portfolio and drove program execution towards countering nation-state threats to defend the Air Force and Department of Defense (DoD) from sophisticated and persistent adversaries.

Daron routinely participates on conference panels, hosted the “Meet the Fed” event at DEFCON 19, has briefed U.S. government conventions, and performed as a guest speaker for several DoD advanced academic programs as well as the Dwight D. Eisenhower School for National Security and Resource Strategy.

Chris Cwalina is the Global Head of Cybersecurity and Privacy at Norton Rose Fulbright. He concentrates his international practice on cybersecurity and privacy compliance and program development, with a focus on complex cybersecurity attack and data breach investigations, primarily involving sophisticated threat actor groups and advanced persistent threats focused on critical infrastructure entities. Having been in-house for a decade, Chris understands clients' challenges, priorities, and concerns, and knows what clients expect from their outside counsel.

Chris has managed some of the largest data breaches that have occurred. He began his career in privacy as vice president and assistant general counsel at ChoicePoint Inc., where he ran the company's Privacy, Compliance, Ethics and Credentialing Department and helped lead the company's response to the first publicly-reported data breach. This occurred at a time when only one state breach notification law had been enacted. While at ChoicePoint, Chris helped the company respond to a Federal Trade Commission (FTC) investigation and complaint, Congressional inquiry, a U.S. Securities and Exchange Commission (SEC) investigation, an investigation and complaint brought by a coalition of state attorneys general offices, as well as managed a number of class-action complaints.

Since the inception of state breach notification statutes, Chris has helped companies respond to countless cybersecurity events, incidents, and data breaches, on an international scale, involving external and internal threats and sophisticated threat actors with a variety of motives. He has handled theft of credit card data, intellectual property, trade secrets and confidential company information, health information, employee information, personal data and personally identifiable information.

Chris provides advice and counsel on the full lifecycle of cybersecurity and privacy compliance and risk management. He advises clients on how to prepare for a security incident to help them be in the best position possible prior to an incident occurring. This counsel involves assessing and developing appropriate governance and organizational structures, incident response programs, as well as conducting incident response workshops and exercises. These techniques and procedures are designed to prepare companies to respond to security incidents quickly, efficiently and in a manner that complies with applicable laws and regulations while simultaneously mitigating risk and preserving customer relationships.

As soon as a security incident occurs, Chris serves as "breach coach" and works closely with CISOs and SIRTs assisting his clients with leading the investigation, containment and remediation of the incident, and developing effective communications, which are designed to preserve customer relationships and minimize the likelihood and consequences of litigation and regulatory investigations. Chris also helps companies deal with the fallout of an incident by responding to resulting state, federal and international regulatory inquiries and investigations. He also defends clients in related litigation, including actions brought by consumers, shareholders, employees, and others.

Chris has represented companies in a wide range of industries, including a number of companies in critical infrastructure sectors, energy, oil & gas, communications, retail, transportation, hospitality, life sciences and healthcare, insurance, financial services, technology, advertising and marketing, entertainment, and education.

Chris brings his years of experience to provide proactive counsel on the complex regulatory issues pertaining to cybersecurity and privacy programs and data collection, use, maintenance, transfer, and sharing. He regularly presents to boards of directors and advises on governance and cybersecurity risk disclosure obligations. He advises clients on regulatory issues and legislative affairs pertaining to the full range of cybersecurity, data governance, data privacy and cross-border transfer issues with a focus on technology, mobile and online practices. Chris also provides counsel on compliance with COPPA, GLBA, HIPAA, FCRA, ECPA, CPNI Rules, TCPA, and other state and federal privacy and security laws as well as international privacy laws, regulations and directives, including the EU General Data Protection Regulation (GDPR).