Sean B. Hoar


  • location icon Portland, OR
    888 SW Fifth Avenue
    Suite 900
    Portland, OR 97204

Sean Hoar is a partner in the Portland office of Lewis Brisbois and chair of the Data Privacy & Cybersecurity Practice. Sean Hoar, CISSP, GISP, CIPP/US, has extensive experience managing responses to digital crises and effectively marshalling resources to contain and remediate information security incidents. He served as the lead cyber attorney for the U.S. Attorney’s Office in Oregon where he was the point of contact for the FBI, Secret Service, and Homeland Security in system intrusions and other digital crime emergencies. He now manages responses to data breaches and counsels businesses on best practices in data privacy and information security. He also facilitates incident response planning, table top exercises, and risk assessments. 

As a veteran security and privacy attorney and an accomplished litigator prosecuting cybercrime, identity theft, Internet fraud, and other matters for the U.S. Department of Justice, Sean managed compliance with the Fourth Amendment, the Stored Communications Act, and other constitutional and regulatory frameworks for federal law enforcement. He trained federal investigators and prosecutors about the acquisition and use of digital evidence, and he trained foreign officials, on behalf of the U.S. Department of State, about anti-terrorism and cybercrime awareness. He taught courses in cybercrime and privacy law and serves as the executive director of the Financial Crimes & Digital Evidence Foundation. A frequent author and speaker on privacy and security matters, Sean has received numerous accolades from the FBI, the Secret Service, the IRS, and the DEA throughout his career.

As referenced above, Sean holds the Certified Information Systems Security Professional (CISSP), the Global Information Security Professional (GISP), and the Certified Information Privacy Professional/United States (CIPP/US) credentials. These are often required to perform certain types of information security system audits.

Legal Experience

General information security consulting

Counsels clients in all business sectors on commercially reasonable practices to enhance their enterprise security posture. This includes reviewing information security practices, facilitating self-assessments, and helping to identify and reduce system vulnerabilities to mitigate the risk and scale of a breach.

Incident response planning

Assists clients to develop and draft an incident response plan. This includes the identification and involvement of key stakeholders, the acquisition of cyber liability insurance, the facilitation and execution of Master Service Agreements with breach response service providers (digital forensics services, consumer notification/call center services, credit monitoring/identity protection services, etc.), and introduction to appropriate law enforcement personnel.

Table top exercises

Assists clients test their incident response plan by facilitating enterprise wide digital crisis response exercises. These exercises involve key stakeholders and assist them identify and experience their roles and responsibilities in responding to a data security incident. The exercises also help identify and resolve gaps in incident response plans.

Incident response services

Manages responses to information security incidents. This includes access to Lewis Brisbois' 24/7 data breach hotline and project management of breach response; initial assessment of problem; facilitation of legal agreements and services to contain, analyze, investigate and remediate a data compromise (which may include digital forensics, crisis management and communications, consumer notification, credit monitoring and/or identity protection services); assessment of consumer and regulatory notification obligations; drafting of consumer and regulatory notification; and responding to inquiries from the media and regulatory officials.

Data breach-related defensive litigation

Assists clients who are subject to third party demands or class action complaints arising from data security incidents. As a former litigator for the U.S. Department of Justice, he works with Lewis Brisbois’ extensive litigation resources across 40 offices in 26 states to ensure clients are well represented in defensive litigation matters.

Employee/Board/Senior Executive training

Assists clients to identify and prioritize employee training needs regarding network security awareness, develop customized training to educate employees about network security awareness, and develop customized presentations for Boards and Executives about information security threats and risks while addressing the business case for information security.

Information system vulnerability testing and penetration testing

Assists clients to identify an appropriate vendor, determine appropriate scope, facilitate and execute pertinent contracts, oversee vulnerability security scans and penetration testing, and review and edit preliminary reports to ensure accuracy and format acceptable for regulators should they ever need to be produced.

Digital forensics services

Assists clients to identify an appropriate vendor, determine appropriate scope, facilitate and execute pertinent contracts, oversee digital forensics investigation, and review and edit preliminary reports to ensure accuracy and format acceptable for regulators should they ever need to be produced.

Information security policies and procedures

Assists clients to identify and develop necessary information security policies and procedures. This includes reviewing existing information security policies and procedures, recommending revisions to existing policies and procedures, and drafting policies and procedures if none exist.

Prior Experience

  • Assistant United States Attorney, United States Department of Justice, District of Oregon, Portland, Ore., 1991-2014
  • Adjunct Professor, Cybercrime seminar, Lewis & Clark Law School, Portland, Ore., 2011-present; University of Oregon School of Law, Eugene, Ore., 2003-present
  • Assistant District Attorney, Lane County District Attorney’s Office, Eugene, Ore., 1987-1991


  • “Reducing the Risk of Cyber Extortion For Health Care Cos.,” Law360, 02.24.16
  • “Cyber Threats: Is the Sky Falling or Is the Threat Real?,” Power Magazine, 08.01.15
  • “Cybersecurity: A Conversation with your IT Team,” Association of Corporate Counsel Oregon Chapter Newsletter Q3, 09.18.14
  • “An Alluring Destination for Cyberthieves,” Law360, 06.30.14
  • “Identity Theft and Social Security Fraud,” (contributing author) USDOJ Office of Legal Education, May 2014
  • “Cybersecurity: The Urgent Challenge of Our Time,” United States Attorneys’ Bulletin, April 2014
  • “Identity Theft: Applicable Federal Statutes and Charging Decisions,” U.S. Attorney’s Bulletin, March 2008
  • “Oregon Identity Theft Fast Track Program,” U.S. Attorney’s Bulletin, March 2008
  • “Trends in Cybercrime: The Dark Side of the Internet,” ABA Criminal Justice Magazine, Fall 2005
  • “Identity Theft: The Crime of the New Millennium,” 80 Or.L.Rev. 4, 2001
  • “Identity Theft: The Crime of the New Millennium,” U.S. Attorney’s Bulletin, March 2001 
  • “District of Oregon Nets First Conviction for Copyright Infringement on the Internet,” The Federal Lawyer, July 2000


  • Certified Information Systems Security Professional (CISSP)
  • Global Information Security Professional (GISP)
  • Certified Information Privacy Professional (CIPP/US)

Professional Presentations

  • Panelist, “Professional Liability & Cyber Liability Update,” AIG Financial Lines Seminar & 2020 Outlook, Los Angeles, California, 11.07.19
  • Panelist, “Professional Liability & Cyber Liability Update,” AIG Financial Lines Seminar & 2020 Outlook, San Francisco, California, 11.06.19
  • Speaker, “Cybersecurity for Administrative Professionals,” Webinar sponsored by Lorman Education Services, 11.01.19
  • Panelist, “Lightning Round – Everything a CISSP Needs to Know About the Cyber Legal Landscape,” 2019 ISC2 Security Congress, Orlando, Florida, 10.30.19
  • Moderator, “Rise of the Mega-Fines: Accounting for Regulatory Action in Cyber Insurance,” Advisen Cyber Risk Insights Conference, New York, 10.24.19
  • Panelist, “HSB CyberSLAM,” Webinar sponsored by HSB, Hartford, Connecticut, 10.16.19
  • Moderator, “The PCI DSS: Security Goals or Revenue Stream?,” NetDiligence, Santa Monica, California, 10.15.19
  • Panelist, “Cyber Risk Claims,” Propel Insurance Annual Sales Meeting, Portland, Oregon, 10.15.19
  • Panelist, “Emerging Trends in Cyber Insurance Claims,” Cyber Immersion Summit, The Hartford, Hartford, Connecticut, 10.11.19
  • Speaker, "Emerging Cybersecurity Threats: Measures to Keep Risk Between the Rails,” 2019 American Short Line and Regional Railroad Association General Counsel Symposium, Columbus, Ohio, 10.10.19
  • Panelist, "Holy @#%&, What Do We Do Now? A Guide to Handling a Ransomware Attack," AWAC Panel Counsel Summit, Hartford, CT, 9.25.19
  • Speaker, "Cyber Breaches and the Messes They Create," Community Bankers of Washington Annual Conference, Stevenson, WA, 9.19.19
  • Speaker, "A Day in the Life of a Breach Coach," Hanover Cyber Summit, Worchester, MA, 9.11.2019
  • Panelist, "Emerging Online Trends," Hanover Cyber Summit, Worchester, MA, 9.11.19
  • Speaker, "Mitigating the Risk and Expense of Cyber Claims," GAIG Claims Training, Cincinnati, OH, 9.9.19
  • Panelist, "Critical Guidance for Mitigating Business Cyber Risk," Oregon Association of School Business Officers, Bend, OR, 7.24.19
  • Presenter, "Cyber Trends", Advisen Quarterly Events Webinar, 7.24.19
  • Presenter, "Well, It's Too Late Now: Being Properly Prepared for a Data Breach," 2019 CLM Cyber, Management & Liability Conference, 7.11.19
  • Presenter, "Incident Response: Lessons on Claims from the Digital Battlefield," The Hartford Webinar, 06.07.19
  • Panelist, "The Next Big Thing: Keep Track of Emerging Threats," Advisen Cyber Risk Insights Conference, Chicago, IL, 05.16.19
  • Panelist, "Cybersecurity for Attorneys: Protecting Your Clients & Your License," National Creditors Bar Association 2019 Spring Conference, Minneapolis, MN, 05.15.19
  • Presenter, “Cyber Breaches and the Messes They Create,” American Association of Insurance Management Consultants Annual Conference, Charleston, South Carolina, 5.03.19
  • Presenter, “Lessons from the Digital Battlefield," American IT Symposium, New Orleans, LA, 4.24.19
  • Presenter, “Lessons from Thousands of Incidents,” Special Districts Association of Oregon PACE Day, Salem, Oregon, 4.18.19
  • Moderator, "Cyber Insurance: How to Work with Insurance Companies, Battleground Issues and How to get Paid,” Incident Response Forum, Washington, D.C., 4.10.19
  • Presenter, "Cybersecurity Trends Webinar (CISOs)," Fairfax Family of Companies, 03.28.19
  • Panelist, "Privacy Regulation Goes Global: Compliance and Insurance Coverage Issues,” Advisen Cyber Risk Insights Conference, London, England, 03.19.19
  • Moderator, "Creating a Breach Response PLAN – Strategies for Prevention, Logistics, Action and Notification,”  CLM Annual Conference, Orlando, Florida, 03.14.19
  • Speaker, "Enterprise Risk Assessment – A Case Study," CyberCONNECT, Portland, Oregon, 03.06.19
  • Panelist, "Privacy Compliancy – GDPR and Beyond,” CyberCONNECT Portland, Oregon, 03.06.19
  • Moderator, “Outage of Cloud Services Providers – Systemic Risk for Cyber Underwriters,” Advisen Cyber Risk Insights Conference, San Francisco, California, 02.21.19
  • Moderator, “Counseling a Corporation Before the Inevitable Data Security Incident,” Incident Response Forum West, Beverly Hills, California, 02.06.19
  • Panelist, “Cyber Insurance:  From Risk Transfer to Cyber Threat Response – Is It Covered?,” University of San Diego Cyber Law, Risk and Policy Symposium, San Diego, California, 11.15.18
  • Speaker, “Enterprise Risk Assessment - A Case Study,” EDGE 2018 Cyber Summit, Vancouver, Washington, 11.13.18
  • Panelist, “Privacy Compliance - GDPR and Beyond,” EDGE 2018 Cyber Summit, Vancouver, Washington, 11.13.18
  • Speaker, “Cybersecurity and the Petroleum Distribution Industry,” SIGMA 2018 Annual Conference, San Francisco, California, 11.06.18
  • Panelist, “Mapping the Cyber Threat Landscape,” Advisen Cyber Risks Insights Conference, New York, New York, 10.25.18
  • Speaker, “Cybersecurity in the Hospitality Industry,” Academy of Hospitality Industry Attorneys Fall Meeting, Portland, Oregon, 10.18.18
  • Speaker, “New Laws Make Cyber Insurance For Small and Medium Sized Businesses More Critical Than Ever,” Webinar sponsored by Hartford Steam Boiler, 10.16.18
  • Panelist, “Preparing for the Worst – The Importance of Cyber Liability Insurance and a Cyber Security Plan,” 96th Annual Conference for the National Council on Teacher Retirement, Washington, D.C., 10.09.18
  • Speaker, “Emerging Trends in Cybersecurity,” Travelers Annual Business Torts Meeting, St. Paul, Minnesota, 10.01.18
  • Participant, “Cybersecurity Industry Roundtable: Challenges in Data Breach Cases,” U.S. Department of Justice, Washington D.C., 09.27.18
  • Participant, “Executive Roundtable on Cybersecurity,” sponsored by Envista Forensics, New York, New York, 09.26.18
  • Keynote speaker, “Cybersecurity: Keeping the Bad Guys Out,” Willamette Education Service District All Staff Kick Off in Salem, Oregon, 08.27.18
  • Speaker, "General Data Protection Regulation," Webinar sponsored by EPIC Insurance Brokers and Consultants, 05.15.18
  • Speaker, "Current Trends in Cybersecurity," Eastern Washington Finance Officers Association, Spokane, Washington, 05.11.18
  • Speaker, "Today's Digital Dangers ­Too Big and Too Expensive To Ignore," Seattle CIO Executive Summit, Seattle, Washington, 05.09.18
  • Panelist, "How to Survive a Cybersecurity Incident," (data breach simulation exercise) PLUS Cyber University, Chicago, Illinois, 05.02.18
  • Panelist, "Anatomy of a Data Breach," 2018 AIG/Lewis Brisbois Cyber Summit, Pittsburgh, Pennsylvania, 05.01.18
  • Panelist, "Enterprise Risk Analysis," 2018 AIG/Lewis Brisbois Cyber Summit, Pittsburgh, Pennsylvania, 05.01.18
  • Speaker, "Current Online Trends: Digital Risk Management," Special Districts Insurance Services, Public Entity Agents Day, Salem, Oregon, 04.20.18
  • Speaker, "Cybersecurity: Protect Your Business Model," Webinar for Lewis Brisbois, 03.15.18
  • Panelist, “Emerging Risks and Mitigation Strategies,” Advisen Cyber Risk Insights Conference, London, 03.06.18
  • Speaker, "Ransomware Attacks Against U.S. Healthcare: Best Practices for Preparation and Response from the Law Enforcement, Regulatory, Legal and Cybersecurity Perspectives," Webinar for HB Litigation Conferences, 03.01.18
  • Facilitator, Cybersecurity “table top” exercise, Oregon School Personnel Association Winter Advanced Human Resources Retreat, Portland, Oregon, 02.08.18
  • Speaker, “Preventative Services and Tools,” Webinar hosted by Arthur J. Gallagher and ID Experts, 01.18.18
  • Panelist, “Blackbeard 2.0: Solutions for Combatting Today’s Tech Pirates,” Pacific Admiralty Seminar, San Francisco, California, 11.29.17
  • Speaker, “Trends in Data Security,” Oregon State Bar Securities Regulation Section Annual Meeting, Portland, Oregon, 11.16.17
  • Facilitator and Panelist, “Cybersecurity: Important Lessons in Breach Response,” Government Enforcement Institute, University of Texas, Houston, Texas, 10.27.17
  • Panelist, “Cyber Exposure,” Webinar, Sponsored by Hartford Steam Boiler and Munich Re, 10.26.17.
  • Panelist, “The Digital Ecosystem – the Supply Chain Debate,” Advisen Cyber Risk Insights Conference, New York, New York, 10.26.17
  • Panelist, “Data Breach Management: Boot Camp for Rapid Response,” CLM Business Insurance 2017 Cyber Summit, New York, New York, 10.06.17
  • Panelist, “Cyber and the Board,” Advisen Executive Risk Insights Conference, New York, New York, 09.13.17
  • Panelist, “Cybersecurity Attack Preparedness Summit,” Nasdaq MarketSite, New York, New York, 09.12.17
  • Moderator, “Emerging Security Threats,” DRI Cybersecurity and Data Privacy Seminar, Chicago, Illinois, 09.08.17
  • Panelist, “Trends in Cyber Liability and Data Breaches,” Cyber Liability Symposium, PLUS Northwest Chapter, Seattle, Washington, 06.01.17
  • Moderator, “Health Care CISOs Speak: Recent Successes, Challenges, & What’s Top of Mind for 2017 Priorities,” 2017 Advisen Cyber Risk Insights Conference, Chicago, Illinois, May 16-17, 2017
  • Presenter, “Cyber Crime: The Urgent Need for Enterprise Risk Management,” Northwest Summit for Financial Professionals Annual Conference, Bellevue, Washington, May 10-12, 2017
  • Presenter, “Data Breaches – Online Trends and Strategies to Mitigate Growing Risks,” Oregon School Boards Association PACE Day: Safe and Secure Schools, Salem, Oregon, 04.27.17 
  • Panelist, “Cyber Insurance,” Academy of Hospitality Industry Attorneys, Colorado Springs, Colorado, 04.21.17
  • Panelist & Moderator, “The Changing Landscape of Cyber Liability Litigation: Data Misuse, Ransomware, Class Action Following Spokeo, and More.” Advanced Forum on Cyber & Data Risk Insurance, American Conference Institute, Chicago, Illinois, 03.31.17
  • Presenter, “European Privacy Laws: Worth Knowing Something About?,” U.S. Department of Justice, Computer Crime & Intellectual Property Section Annual Conference, National Advocacy Center, Columbia, South Carolina, 03.22.17
  • Presenter, “Cybersecurity and Government Contractors,” Ethics & Compliance Section, Alaska Bar Association, Anchorage, Alaska, 02.22.17
  • Presenter, “Cyber Liability Prevention: Expectations & Best Practices for Information Technology Professionals," Webinar for Alliant Insurance Services, 02.03.17
  • Panelist, “IT and Cybersecurity,” Native American Contractors Association, 2016 B2B Conference & Expo, Tulsa, Oklahoma 11.02.16
  • Panelist, “Responding to Healthcare Data Breaches: The Need for Special Response Measures,” Privacy + Security Forum, Washington D.C. 10.26.16
  • Panelist, “Assessing Risks and Cyber Insurance Needs,” Privacy + Security Forum, Washington D.C. 10.24.16
  • Panelist, “Elevate Your Security,” YPO Oregon Chapter, Portland, Ore. 10.20.16
  • Panelist, “Nonprofits in the Digital Age,” Seminar, Seattle, Wa. 10.18.16
  • Presenter, “Cyber Liability Prevention: Expectations & Best Practices for IT Professionals,” Webinar, 10.14.16
  • Presenter, “CEO/CFO Leadership Breakfast: Data Breaches, Data Dams, and Extortion: Navigating Digital Landmines,” Technology Association of Oregon, Portland, Ore. 10.06.16
  • Panelist, “Breach Happens,” 26th Annual CBW Membership Convention & Tradeshow, Vancouver, Wa. 09.15.16
  • Presenter, “Halftime 2016: When Will You Be Hacked and Attacked?” Webinar, 06.22.16
  • Keynote speaker, “Data Breaches, Data Dams, and Extortion: Navigating the Digital Landscape,” Portland SecureWorld 2016, Portland, Ore. 06.09.16
  • Presenter, “Cyber Threats: How to Protect Your Clients and Your Business,” Accelerate 2016 Workshop, Portland, Ore. 06.09.16
  • Presenter, “Information Security: Trends, Ethical Obligations, and Risk Mitigation,” Business Law Section Midyear Seminar, Washington Bar Association, Seattle, Wa. 05.26.16
  • Panelist, “Cyber Liability: Data Breach Response,” 2nd Annual Cyber Liability Seminar, Seattle, Wa. 04.21.16
  • Panelist, “Hacked and Attacked: Lessons Learned from Recent Healthcare Breaches,” 20th Annual Compliance Institute, Health Care Compliance Association, Las Vegas, Nev. 04.17.16
  • Presenter, “Privacy Laws and Data Breaches,” Bristol Bay Native Corporation Petroleum and Oilfield Service Companies Compliance Training, Girdwood, Alaska, 03.30.16
  • Panelist, “Oh, the Information You’ll Collect, and How to Protect! A Privacy and Cybersecurity Primer for Non-Profits,” Seminar for Non-profits in the Digital Age, San Francisco, Ca. 03.24.16
  • Panelist, “Making the Business Case for Enhanced PHI Protection,” 2016 PHI Protection Network Conference, Philadelphia, Pa. 03.18.16
  • Panelist, “Mitigating Risk & Coordinating the Data Breach Response to a Criminal Cyber Attack,” 2016 PHI Protection Network Conference, Philadelphia, Pa. 03.17.16
  • Presenter, “Cybersecurity: What Can You do to Protect Your Business?” Construction Financial Management Association, South Sound Chapter, Tacoma, Wa. 03.10.16
  • Panelist, “The Federal Government, Cybersecurity and Insurance,” 2016 Advisen Cyber Risk Insights Conference, San Francisco, Ca. 03.03.16
  • Presenter, “Protecting your Intellectual Property in the Supply Chain: Identifying Key Risks and Best Practices,” Lorman Education Services, Webinar, 02.29.16
  • Presenter, “Privacy and Data Security Harms and Standing: Opening the Doors to Class Actions?” Willamette University School of Law Privacy and Security Forum, Salem, Ore. 02.26.16
  • Presenter, “2016 Health Care Regulatory and Compliance Update,” Los Angeles, Ca. 02.24.16
  • Presenter, “Criminal Access to Healthcare Information: What Can Be Done to Better Protect PHI?” ID Experts, Webinar, 01.19.16
  • Presenter, “Incident Response: Planning for the Digital Crisis,” ISACA Willamette Valley Chapter, Portland, Ore. 01.14.16
  • Presenter, “Practical Tips for Managing Litigation and Dealing with the Regulators,” Law Seminars International: Data Breaches and Cybersecurity, Seattle, Wa. 01.11.16
  • Panelist, “Federal Investigations,” Annual Business to Business Conference and Expo, Native American Contractors Association, San Diego, Ca. 11.18.15
  • Keynote speaker, “Information Security: Best Practices/Fewer Breaches,” Native American Contractors Association Annual Business to Business Conference and Expo, San Diego, Ca. 11.17.15
  • Presenter, “Information Security: Add Value to Every Client Relationship,” Webinar, 11.11.15
  • Presenter, “DoD Cybersecurity Rules, Privacy Laws & Data Breaches: Compliance Guide for Federal Contractors,” Corporate Compliance Training Conference, Bristol Bay Native Corporation, Seattle, Wa. 11.09.15
  • Panelist, “Data Breaches: Industry and Law Enforcement Perspectives on Best Practices,” Oregon Bar Association CLE, Portland, Ore. 11.04.15
  • Panelist, “Cyber Insurance: How It Works, How to Select a Policy, and Emerging Trends and Practices,” Privacy + Security Forum, Washington, D.C. 10.23.15
  • Presenter, “CyberWatch for Health Care Organizations,” Physicians Insurance, Seattle, Wa. 10.22.15
  • Presenter, “PCI Compliance – Version 3.1: What is it? Will it prevent a breach? How is it affected by EMV Technology?” The Hartford, Webinar, 10.16.15
  • Presenter, “Cybersecurity: What Can You Do to Protect Your Company?” Construction Financial Management Association, Puget Sound Chapter, Seattle, Wa. 10.13.15
  • Presenter, “Data Breaches: Mitigating Enterprise Risk,” Oregon Bar Association, Health Law Section, Portland, Ore. 10.09.15
  • Presenter, “Cybersecurity: How It May Affect Your Business Model,” Exploring Excellence Study Club, Eugene, Ore. 10.08.15
  • Presenter, “Is Payment Card Industry (PCI) Compliance Worth It?” Axis Pro, Webinar, 09.30.15
  • Panelist, “Cyber Liability: Is Your Company Ready for a Data Breach?” 2015 Community Bankers of Washington Annual Convention, Spokane, Wa. 09.24.15
  • Presenter, “Cybersecurity: Strategies to Manage Enterprise Risk & Liability,” 2015 Chi/Optima Biennial Owners’ Retreat, Carlsbad, Ca. 09.11.15
  • Presenter, “Lessons from Federal Regulatory Enforcement Actions” and “Cyber Insurance Coverage: Ensuring That You Have What You Think You Have,” 2015 Cybersecurity: Technology and the Law Conference, Portland, Ore. 08.14.15
  • Presenter, “Data Breach: The Frightening New Reality,” Oregon Association of School Business Officials 2015 Annual Summer Conference, Bend, Ore. 07.30.15
  • Presenter, “Anatomy of a Data Breach,” Oregon Chapter of the Association of Certified Fraud Examiners, Annual Conference, Portland, Ore. 05.28.15
  • Keynote Speaker, “Cybersecurity: The Evolving Threat Landscape,” California Association for Health Services at Home, 2015 Annual Conference & Home Care Expo, Palm Springs, Ca. 05.20.15
  • Presenter, “Cybersecurity & Your Business Model,” CPE for Accounting Firms, Portland, Ore. 05.18.15
  • Panelist, “Cyber Liability Symposium,” CPCU, PLUS Northwest Chapter, and RIMS, Seattle, Wa. 05.14.15
  • Presenter, “Cybersecurity: What You Can Do To Combat Cyber Crime,” Columbia Bank Quarterly Speaker Series, Seattle, Wa. 05.13.15
  • Panelist, “Cyber Liability Claims,” Oregon Association of Defense Counsel, Commercial Practice Seminar, Portland, Ore. 05.12.15
  • Presenter, “Cyber Liability – Are You Prepared? Anatomy of a Data Breach,” Operations Day, Nonprofit Network Southwest Washington, Vancouver, Wa. 04.24.15
  • Presenter, “Cyber and Data Breach: Risks and How to Mitigate Them,” Webinar, 3.18.15
  • Presenter, “Cybersecurity: Practical Considerations for Petroleum Marketers,” SIGMA Executive Leadership Conference 2015, Aspen, Colo. 02.10.15
  • Presenter, “You’ve Been Hacked … Now What? The Anatomy of a Data Breach,” Outdoor University at Outdoor Retailer Winter Market, Salt Lake City, Utah 01.22.15
  • Presenter, “Cybersecurity: Data Breaches in Health Care,” Lane County Medical Society, Eugene, Ore. 01.13.15
  • Presenter, “Cybersecurity Law: Critical Issues & Risk Management Strategies for Attorneys, Executives & Agency Officials,” Update on Legal Developments for Cybersecurity Law, Law Seminars International, Seattle, Wa. 01.12.15
  • Presenter, “Data Breaches: HIPAA and Beyond,” Bloomberg BNA, Webinar, 12.04.14
  • Panelist, “Cybersecurity and Privacy Law Considerations: From the IT Department to the Boardroom (the Anatomy of a Breach: Lessons from IT and Law Enforcement),” CLE for Business Law Section, Oregon State Bar, Portland, Ore. 11.07.14
  • Presenter, Cybersecurity and the Energy Sector: Gauging the Landscape,” CLE for Energy Sector, Portland, Ore. 11.07.14
  • Panelist, “The Internet of Things: Your Toaster Said What to Your Refrigerator?” Download Conference, New York, N.Y. 10.08.14
  • Presenter, “Trends in Online Fraud,” CLE for Financial Institutions, Portland, Ore. 09.22.14
  • Presenter, “Trends In Online Fraud: Targets, Threats and Solutions,” iovation Fraud Force Summit, Portland, Ore. 09.16.14
  • Presenter, “Data Breach Response: An Emerging Role for Law Enforcement,” Financial Crimes & Digital Evidence Conference, Salem, Ore. 09.09.14
  • Presenter, “Data Breach: HIPAA and Beyond,” Reinventing the Hospital, Webinar Series, 07.23.14
  • Presenter, “Flash Webinar: Managing Risk in a Challenging Environment,” Webinar, 06.26.14
  • Panelist, “When Data Breaches Happen, How Can We Protect Oregonians from Harm?” Protecting Oregon Consumers and Children in the Age of Big Data, Tigard, Ore. 06.25.14
  • Panelist, “The Best Defense is a Good Data Breach Fence: Necessary Steps to Protect Your Network,” Association of Corporate Counsel, Washington Chapter, Microsoft Campus, Redmond, Wa. 06.02.14
  • Presenter, “An Overview of the Stored Communications Act, the Wiretap Act, and National Security Letters,” Data Protection and Security Conference, The Seminar Group, Portland, Ore. February 2014
  • Presenter, “Digital Evidence Boot Camp, Financial Crimes & Digital Evidence Conference,” USDOJ and Oregon DOJ, Salem, Ore. September 2013
  • Presenter, “Criminal Copyright Infringement, Trafficking in Counterfeit Goods, Economic Espionage & Trade Secret Theft,” Intellectual Property Rights Training, Adidas U.S. Headquarters, Portland, Ore. August 2013
  • Presenter, “Cybercrime … The Dark Side of the Internet – A glimpse at cybercrime and why it will continue to affect us …,” 2013 Pacific Northwest Land Title Convention, Portland, Ore. August 2013
  • Presenter, “Digital Evidence for Prosecutors: The Fourth Amendment, Rule 41, the Stored Communications Act, and other issues ...,” United States Attorney’s Office, Eugene, Medford, and Portland, Ore. April 2013
  • Presenter, “Digital Evidence Boot Camp,” United States Attorney’s Office, Eugene, Medford, and Portland, Ore. March 2013
  • Presenter, “Digital Forensic Evidence: Understanding the Value of Digital Forensic Evidence and Forensic Experts, American Bar Association Rule of Law Initiative,” Cybercrime Course, Istanbul, Turkey December 2012
  • Presenter, “Trends in Cybercrime: The Dark Side of the Internet; American Bar Association Rule of Law Initiative,” Cybercrime Course, Istanbul, Turkey December 2012
  • Presenter, “Search Warrants in White Collar Investigations,” United States Attorney’s Office, Portland, Ore. November 2012
  • Presenter, “Trends in Cybercrime: The Dark Side of the Internet,” Pacific Northwest Paralegal Association Annual Seminar, Portland, Ore. June 2012
  • Presenter, “Current Legal Issues in Wireless Phone Location, Tracking Devices & Digital Evidence,” United States Attorney’s Office, Portland, Ore. November 2011
  • Presenter, “Trends in Cybercrime: The Dark Side of the Internet,” Oregon State Bar Association, Computer and Internet Law Section, Portland, Ore. May 2011


  • State Bar Admissions
    • District of Columbia
    • Oregon
    • Washington
  • United States District Courts
    • United States District Court for the District of Oregon
  • United States Courts of Appeals
    • United States Court of Appeals for the Ninth Circuit
  • United States Supreme Court


Oregon, 1987

Washington, 2015

District of Columbia, 2015

U.S. Supreme Court, 1997

U.S. Court of Appeals 9th Circuit, 1991

U.S. District Court District of Oregon, 1991


  • International Information System Security Certification Consortium (ISC2)
  • Information Systems and Audit Control Association (ISACA)
  • International Association of Privacy Professionals (IAPP)

Awards & Honors

  • Incident Response 30 for 2019, selected by Cybersecurity Docket as one of the 30 best and brightest data breach response lawyers in the United States
  • Incident Response 30 for 2018, selected by Cybersecurity Docket as one of the 30 best and brightest data breach response lawyers in the United States
  • Outstanding Support, Dedication, and Contribution to Federal Law Enforcement in the District of Oregon, Federal Law Enforcement Officers Association, Portland, Ore., 2014
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director James B. Comey, 2014
  • Outstanding Assistance and Support on Behalf of the Investigative and Protective Responsibilities of the Secret Service, United States Secret Service Director Julia A. Pierson, 2014
  • Exemplary Efforts on Defense Criminal Investigative Service Investigations, Defense Criminal Investigative Service Office of Inspector General, 2014
  • Outstanding Efforts In Support of the U.S. Postal Inspection Service’s Mission of Protecting the U.S. Mails from Criminal Activity, United States Postal Inspection Service, 2014
  • Appreciation for Protecting the Integrity of the Social Security Number, Social Security Administration Office of Inspector General, 2014
  • Outstanding Dedication and Exemplary Service to the United States Attorney’s Office, District of Oregon, 2014
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director Robert S. Mueller, III, 2010
  • Assistant Attorney General’s Award for Intra-Departmental Cooperation, Assistant Attorney General Matthew Friedrich, 2008
  • Superior Contributions to the Law Enforcement Responsibilities of the United States Secret Service, United States Secret Service, 2007
  • Dedication and Commitment to the Prosecution of Complex Financial Crimes, Internal Revenue Service Criminal Investigation Division, Portland Field Office, 2005
  • Director’s Award, Executive Office for United States Attorneys (EOUSA), 2004
  • Outstanding Assistance to the FBI, FBI Director Robert S. Mueller, III, 2002
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director Louis J. Freeh, 2001
  • Achievements and Contributions to the Department of Justice, Attorney General Janet Reno, 2000
  • Director’s Award, EOUSA,1997
  • Outstanding Contributions in the Field of Drug Law Enforcement, DEA, 1997


University of Oregon School of Law

Juris Doctor, 1987

  • Moot Court Board
  • National Mock Trial Team
  • President, Student Bar Association
  • Centurion Award

Florida State University

Master of Science, Higher Education Administration, 1981

Linfield College

Bachelor of Arts, English and Psychology, 1980

  • President, Associated Students of Linfield College

arrow Back to Attorneys