- Matthew D. Brown, Cooley
- Craig Cardon, Sheppard Mullin
- Marcus A. Christian, Mayer Brown
- Rajesh De, Mayer Brown
- David N. Fagan, Covington
- David R. Fontaine, Corporate Risk Holdings
- Adam Golodner, Kaye Scholer
- Danielle C. Gray, O’Melveny
- Jim Halpert, DLA Piper
- Craig A. Hoffman, BakerHostetler
- Antony P. Kim, Orrick
- Theodore J. Kobus III, BakerHostetler
- Mark L. Krotoski, Morgan Lewis
- Ronald D. Lee, Arnold & Porter
- Edward R. McNicholas, Sidley
- Douglas H. Meal, Ropes & Gray
- Michael G. Morgan, McDermott Will & Emery
- Nicholas A. Oldham, King & Spalding
- Dominic A. Paluzzi, McDonald Hopkins
- Jim Pastore, Debevoise & Plimpton
- Kimberly Kiefer Peretti, Alston & Bird
- Benjamin A. Powell, WilmerHale
- Timothy P. Ryan, Kroll
- Lisa J. Sotto, Hunton & Williams
- John Reed Stark, John Reed Stark Consulting
- Gerard M. Stegmaier, Goodwin Procter
- Phyllis B. Sumner, King & Spalding
- Heather Egan Sussman, Ropes & Gray
- Liisa M. Thomas, Sheppard Mullin Richter & Hampton LLP
- Michael Vatis, Steptoe & Johnson
About the Incident Response 30: Cybersecurity Docket’s Incident Response 30 is our list of the 30 best and brightest data breach response lawyers. Based on nominations, input from numerous senior lawyers in the field, and considerable research, we tried to answer a simple question:
Who would you hire if your company suddenly found itself the victim of a data breach?
We also imposed three key requirements:
- Candidates for the Incident Response 30 must be in the private sector for at least the past two years.
- Candidates for the Incident Response 30 must have a practice that is dedicated primarily to data breach response work.
- Candidates for the Incident Response 30 must be attorneys (as opposed to accountants, economists or other experts).