Twitter Logo Youtube Circle Icon LinkedIn Icon

United States > Media, technology and telecoms > Cyber law > Law firm and leading lawyer rankings


Index of tables

  1. Cyber law
  2. Leading lawyers

Leading lawyers

  1. 1

Covington & Burling LLP’s team, led by David Fagan and James Garland, represents global retailers, national sports associations, payment card service providers, and global life science companies. Largely based in Washington DC, the team is experienced in incident preparedness, insurance coverage, intellectual property protection, class action defense, insider threats and cybersecurity policies. Eric Holder rejoined the firm in July 2015 after serving as US Attorney General, Aaron Lewis rejoined following a stint as a federal prosecutor in Los Angeles, Raymond Biagini joined, and Richard Rainey rejoined the firm from General Electric, where he served as global chief IP litigator and dealt with cybersecurity threats. Alex Berengaut is a litigator who advises on national security and law enforcement related compliance issues, including electronic surveillance and cybersecurity, and was promoted to the partnership in October 2015, as was San Francisco-based Lindsey Tonsager, who advises multinational companies on how to mitigate data privacy and security risks.

Vincent Sanchez in Chicago and Jim Halpert in Washington DC co-chair DLA Piper LLP (US)’s team, which is ‘nimble and quick to assemble the appropriate response - they understand the regulatory landscape in the US and abroad, the various threat factors and they have the global reach to respond to any type of matter’. Recent mandates include advising LifeLock on its data security policies and new product development regarding data security and credit risks involving its consumer interface. Commended for her experience in high-profile data breach investigations, clients say of Washington DC-based counsel Tara Swaminatha that she ‘understands the various workflows of an investigation, plans for contingencies, anticipates client concerns and pain points, successfully liaises with law enforcement, understands forensics and is able to digest technical reports in a meaningful and actionable way’. Other clients include Blue Cross Blue Shield Association, Avid Life Media, and the Internet Security Alliance. Aravind Swaminathan departed for a position at Orrick, Herrington & Sutcliffe LLP. Since publication, the former co-head of the practice at Sidley Austin LLP, Anna Spencer, has joined the firm's Washington DC office.

Hogan Lovells US LLP’s practice is led out of the Washington DC office by the highly renowned Harriet Pearson. A highlight of the year was acting for Anthem in the wake of its cyber attack in February 2015; the team is providing advice regarding the forensic investigation, breach notification, communications and interactions with consumers; and is handling investigations by federal and state health and insurance regulators, state attorneys general and law enforcement. The team recently welcomed Stephanie Yonekura to the Los Angeles office, who, prior to joining the firm, was the acting US attorney for the Central District of California. Senior associate and Safety Act specialist Allison Bender joined the DC office from the Department of Homeland Security.

Hunton & Williams LLP represents a large number of clients in the retail, healthcare, financial and technology sectors, and has done recent work for the likes of Google, JPMorgan Chase, MasterCard, Morgan Stanley, Procter & Gamble, Rite Aid and The Blackstone Group, among others. Lisa Sotto is head of the global privacy and cybersecurity practice and Aaron Simpson and DC-based Paul Tiao are key members of the team, with expertise in the cybersecurity policies of national companies, insider threats and data security incidents involving payment card systems. Phyllis Marcus joined the DC office as counsel from the FTC, where she led the children’s online privacy program.

The Ropes & Gray LLP team advises clients on all aspects of cybersecurity and responses to cyber intrusions, including investigations, remediation and regulatory and contract compliance. San Francisco-based James DeGraw is recommended for his ‘knowledge and experience’, and Seth Harrington in Boston ‘is very knowledgeable and professional’. Douglas Meal and Heather Egan Sussman co-head the privacy and data security practice; Sussman recently joined from McDermott Will & Emery LLP. Clients include Target, Neiman Marcus, Genesco and Home Depot. For Wyndham Hotels, the team has been handling various data security breaches of the computer networks of a number of independently owned Wyndham-branded hotels in which payment card data was collected; the FTC lawsuit settled in December 2015 with an agreement to establish an information security program that will include annual auditing.

Theodore Kobus heads up the practice at Baker & Hostetler LLP, which recently welcomed Will Daugherty as counsel to the Houston office from an in-house position at GameStop. Elsewhere, Amy Fouts and counsel Vimala Devassy joined the Atlanta office, and Paulette Thomas joined the Cincinnati office as counsel. The new hires bring expertise in incident response preparedness, healthcare, regulatory matters, and HIPAA compliance. Significant recent work includes assisting with data breaches suffered by Blue Cross Blue Shield.

David Lashway leads the six-partner team at Baker McKenzie LLP, which advises global vehicle manufacturers, internet services companies, global hotel chains, financial groups, and telecoms companies. Recent work includes carrying out crisis management and an investigation following a computer network intrusion involving servers in 70 countries. Other expertise includes investigations into compliance with FTC decrees. Hillary Brennan was promoted to the partnership in January 2015.

The Morrison & Foerster LLP team ‘is at the top of the game, especially in the storm that is privacy law’. Miriam Wugmeister and Andrew Serwin, who are based in New York and San Diego respectively, lead the team, and along with Nathan Taylor in Washington DC and Christine Lyon in Palo Alto, they are commended for their ‘sensible privacy program counseling, and data breach expertise in both domestic and international matters’. Washington DC-based Rick Fischer is recommended for his knowledge of US financial privacy and policy. The team is representing CVS before the FTC and the Office for Civil Rights in a consent decree and resolution agreement arising from allegations related to information security.

Orrick, Herrington & Sutcliffe LLP’s lawyers in this space ‘are extremely responsive and client focused, they meet the needs of both in-house counsel and tech-savvy business clients’. Antony Kim in Washington DC and Aravind Swaminathan in Seattle - who joined in January 2015 from DLA Piper LLP (US) - earn particular praise. Gabriel Ramsey, who splits his time between San Francisco and Silicon Valley, has extensive experience litigating intellectual property theft cases, handling technical threats and building defensive programs to protect clients’ data, systems, products and intellectual property. Seattle-based Rob McKenna and Los Angeles-based Mark Mermelstein are also key members of the team. Microsoft, Sony, the City of Seattle, T-Mobile and W.W. Grainger are examples of its high-profile clients.

Pillsbury Winthrop Shaw Pittman LLPis the gold standard in the cybersecurity area’, according to one client. Co-chair Brian Finch in the DC office is ‘knowledgeable, available and helpful’ and Los Angeles-based Catherine Meyer is known for advising clients regarding the protection of financial privacy and customer privacy rights under state, federal and international statutes and regulations, and is experienced in relation to personal information threats. Deborah Thoren-Peden is advising Fortune 500 multinational financial services corporations on privacy and enforcement matters, and is assisting with the design of risk-based compliance programs, including banking transactions, charge card processing and travel services.

The team at Proskauer Rose LLPdelivers competent, calm and professional counsel in times of stress’ and is led by the ‘highly competentKristen Mathews in New York. Clients include international consumer-facing businesses, telecom companies, management software providers, household goods retailers, national plumbing franchises and luxury goods brands.

Sidley Austin LLP is, according to one client, ‘among the very best - the privacy team is bright, creative, hardworking, timely and decent’. Washington DC-based Edward McNicholas and Alan Raulare outstanding in every respect’. Apple, AT&T, Neiman Marcus, and Michaels Stores are among its high-profile clients. James Cole joined after serving as US Deputy Attorney General, and trial lawyer Michael Mallow joined from Loeb & Loeb LLP; both have strengths in privacy, data security and information law. Since publication, former co-head of the practice Anna Spencer has moved to DLA Piper LLP (US).

Steptoe & Johnson LLP has ‘an incredibly responsive, first-rate team’, which is led by Stewart Baker in Washington DC and Michael Vatis in New York. Clients say of the pair that their ‘knowledge of not only the law but also the politics involved in dealing with law enforcement and national security matters is fantastic’. The team was retained by Coalition for Responsible Cybersecurity - made up of Ionic Security, Intel, Synack, FireEye, Raytheon, and Symantec - whose aim is to oppose the adoption of certain export control regulations proposed by the Commerce Department that, among other things, would require licenses for all exports of controlled cybersecurity items. According to the Coalition, the proposed rule would impact US cybersecurity effectiveness.

Arnold & Porter Kaye Scholer LLP has a primarily healthcare-focused practice, led by Washington DC-based Nancy Perkins, Ronald Lee and Kenneth Chernof. Perkins has expertise in international law and advises clients on US-EU Safe Harbor with regard to the EU Data Protection Directive. Lee focuses on national security, cybersecurity, and government contracts matters, and Chernof is a litigator with data breach expertise.

Cooley LLP’s practice is led by Michael Rhodes in San Francisco, ‘he provides good all-around advice and is a great privacy and cyber lawyer’. Randy Sabett in Washington DC is a key team member and recently assisted a provider of online HR services after sensitive information was released. San Francisco-based Matthew Brown is another key team member and was recently involved in defending a high-profile client in the online retail space in a class action involving a breach of users’ personal information data.

Debevoise & Plimpton LLP fields a ‘thorough, client-friendly and very professionally managed team’, and singled out for particular praise by clients are Jeremy Feigelson and recently promoted partner David Sarratt. They are both based in New York, as is Jim Pastore, who was promoted to the partnership in April 2015. In Washington DC, former head of the DOJ’s criminal division David O’Neil joined the team, bringing strengths in cybersecurity and white-collar crime, and former chief privacy officer at Fannie Mae Jeewon Kim Serrato joined as litigation and cybersecurity counsel. Home Depot, Viacom, Sony and NBCUniversal are among its high-profile clients.

The Washington DC-based team at Jenner & Block LLP was recently bolstered by the arrivals of Nancy Libin from Wilkinson Barker Knauer LLP, Heidi Wachs, who joined as special counsel from Gartner, and Mark Nackman, who joined from Dynamics Fidelis. Recent highlights include acting for a large cable provider in the US as part of an international data breach and cybercrime incident involving third-party service providers. Mary Ellen Callahan leads the team and is highly experienced in advising clients on cyber insurance, breach preparedness and implementing technical tools for cybersecurity protection.

Latham & Watkins LLP’s Washington DC-based practice head Jennifer Archie is ‘dynamic, responsive, personable, and clearly and simply communicates in a way that bridges the gap between technology and law’. During the team’s representation of LogMeIn in its acquisition of LastPass, LastPass suffered a data breach involving users’ personal information; the team supervised the security breach and recovery, and devised deal terms to mitigate issues arising that might have affected the transaction; Susan Mazur and Sarah Gagan in Boston were both involved in this matter. New York-based Jeff Hammel is a securities litigator, and recently handled cybersecurity matters for a large publicly traded company.

Mayer Brown boosted its cyber offering with the hire of new practice leader Rajesh De in Washington DC, formerly of the National Security Agency. The team advised a client in the food sector on a significant data breach in its Asian offices involving a third-party vendor. Kendall Burman joined as counsel from the Department of Commerce and has expertise in consumer privacy, and Josh Silverstein joined as an associate from the DOJ and has specialist knowledge of national security issues.

WilmerHale’s practice is led by D. Reed Freeman and Benjamin Powell in Washington DC. Recent mandates include assisting a major technology company in investigating compliance with data localization requirements regarding the provision of cloud services to numerous federal agencies.

Interview with...

Law firm partners and practice heads explain how their firms are adapting to clients' changing needs

International comparative guides

Giving the in-house community greater insight to the law and regulations in different jurisdictions.

Select Practice Area

The Legal 500 United States - Events

GC Powerlist -
United States

Press releases

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to

Legal Developments worldwide

Legal Developments and updates from the leading lawyers in each jurisdiction. To contribute, send an email request to

Press Releases worldwide

The latest news direct from law firms. If you would like to submit press releases for your firm, send an email request to