Covington Forms Cybersecurity Incident Response Team

Covington Forms Cybersecurity Incident Response Team

Leading Cybersecurity Executive Also Joins Firm

July 18, 2016

WASHINGTON—Covington has formed an enhanced team of lawyers and advisors to provide cybersecurity incident response services to clients, highlighted by Stephen Surdu, who formerly led the professional services group of Mandiant, joining the team as a Senior Cybersecurity Advisor. 

Through the formation of the Cybersecurity Incident Response Team with members on both coasts of the United States and in Europe and Asia, Covington has formalized and expanded its capabilities to manage legal investigations into multiple concurrent cybersecurity incidents on an international scale. Unlike many other firms, Covington has developed its leading cybersecurity expertise through working not only on privacy-related incidents, but also addressing cyber threats to systems and physical assets that have an impact on U.S. national security and the integrity of critical enterprises on a global basis as well as insider threats.

Over the past decade, Covington has investigated and handled the legal response to many of the most complex and high-profile breach incidents to date, ranging from the largest drawdown of ATMs in U.S. bank history and large international financial crime breaches to dozens of advanced persistent threat attacks covering personal, proprietary, and government data to criminal breaches impacting the information of more than 50 million users, among many others.

Mr. Surdu is a leading information security executive with more than 35 years of experience both as a consultant and as a senior executive at information security companies like Mandiant and McAfee. His security experience involves evaluating and developing policies, architecting hosted environments, assessing network and application vulnerabilities, and conducting incident response investigations. Mr. Surdu has a deep working knowledge of multiple sectors including internet service providers, telecommunications, high technology, financial services, healthcare, manufacturing, retail, and state and federal government.

“I am excited to join Covington’s Cybersecurity Incident Response Team,” said Mr. Surdu. “Covington’s Cybersecurity practice is distinguished from those of other law firms because of its focus and experience on cutting-edge and complex investigations, its understanding of the underlying technology, and its depth of expertise across multiple jurisdictions.”

Mr. Surdu’s arrival follows the recent hire of Jennifer Martin in the firm’s New York office. Prior to joining Covington, Ms. Martin served in a variety of roles, including as Director of Cyber Incident Response and Operations and as lead in-house internal investigations counsel at Symantec, as a managing director of a top cybersecurity and forensics consulting firm, and as a federal and local cybercrime prosecutor and policy maker. In these positions, Ms. Martin has supervised cyber incident response matters, including data breaches, insider thefts of trade secrets, and intrusions, from initial detection through containment, notification, recovery and remediation.

“We have approached cyber differently from many other firms, recognizing it is a legal issue that impacts critically important functions and the business integrity of clients,” said David Fagan, who leads the firm’s Cybersecurity practice. “Our experience on core cyber issues in the national security context and on criminal issues allows us to understand both the legal and technological aspects of cybersecurity issues. Through the addition of Steve and Jenny, combined with our existing capabilities around the world, we have created a deep team that has the legal expertise and technical knowledge to manage multiple concurrent investigations on a global scope and ensure our clients can connect to the best third-party forensic resources.”

Covington’s Cybersecurity practice advises on the full lifecycle of cybersecurity events, from preparation to incident investigation, response, and remediation, to defense of claims and pursuit of insurance recoveries. It also includes former senior officials from the Department of Homeland Security and Department of Justice, and the firm regularly works with those agencies, as well as other government agencies in the U.S. and Europe on defending against and responding to cyber threats.