Ashden Fein

Our Website Uses Cookies

We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.

For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

PDF Binder
- Create PDF
- Add to Binder
Word Document Binder

Ashden Fein

Associate

Washington +1 202 662 5116 afein@cov.com Download V-card

View Less

Ashden Fein advises clients on cybersecurity and national security matters, including government and internal investigations, regulatory, and complex litigation matters.

For cybersecurity matters, Mr. Fein specifically counsels clients on preparing for and responding to cyber-based attacks, assessing their security controls and practices for the protection of data and systems, developing and implementing cybersecurity programs, and complying with federal and state regulatory requirements. Mr. Fein also has been the lead investigator and crisis manager for multiple complex cyber and data security incidents, including data security breach matters involving millions of affected consumers, advanced persistent threats targeting intellectual property across industries, state-sponsored theft of sensitive U.S. government information, and destructive attacks.

On national security issues, Mr. Fein assists clients with sensitive national security investigations and responding to government inquiries. He also advises aerospace, defense, and intelligence contractors on security compliance, including under the National Industrial Security Program and U.S. Government cybersecurity regulations. He represents foreign and domestic clients in various industries in securing the approval the Committee on Foreign Investment in the United States (CFIUS), as well as ongoing compliance matters related to mitigation agreements with CFIUS.

Before joining Covington, Mr. Fein served for thirteen years in the United States Army, first as a military intelligence officer and later as a Major in the Judge Advocate General’s Corps. While on active duty, he specialized as a military prosecutor, gaining significant experience in complex litigation and cybersecurity. He served as the lead trial attorney in the prosecution of Private Chelsea (Bradley) Manning for the unlawful disclosure of classified information to WikiLeaks, the largest national security and cybercrime investigation and prosecution in the history of the Army. He worked closely with senior officials at the Department of Justice, U.S. Attorneys’ Offices, the Federal Bureau of Investigation, the Department of State, the Department of Defense, other government agencies within the intelligence community, and several federal, state, and local enforcement agencies. In addition, Mr. Fein served as the Chief of the Criminal Division for a command of 17,000 soldiers and as a legal advisor for an Army Aviation organization deployed in Iraq. Mr. Fein currently serves as a Judge Advocate in the U.S. Army Reserve.

View More View Less

Counsel to multiple Fortune 100 companies in responding to data and cybersecurity incidents, including, among others, stolen personal information and multiple attacks by Advanced Persistent Threats directed at the intellectual property or sensitive data of defense, life sciences, and technology companies.
Represents clients before the Federal Trade Commission, Department of Defense, and the Intelligence Community on cybersecurity and data breach matters.
Represent clients from across industries with development of cyber and information security policies, including incident response preparation and training.
Advise companies on issues of cybersecurity, cooperation with law enforcement, and public policy.

Counsel to cleared U.S. companies in responding to government investigations of sensitive national security matters, compliance with the NISPOM and specific security requirements, and FOCI mitigation.
Counsel to multiple foreign-owned companies on data and cybersecurity issues involved in national security reviews conducted by the Committee on Foreign Investment in the United States (CFIUS).

View More View Less

Represent a non-profit organization to assist with development of global cybersecurity and privacy policies.

U.S. Army Reserve, Judge Advocate General Corps
American Bar Association, Standing Committee on Law and National Security and Information Security Committee

Lead Trial Attorney, United States v. Private Chelsea (Bradley) Manning (WikiLeaks), United States Army (2010-2014)
Division Chief and Senior Trial Attorney, United States Army (2009-2010)
Brigade Judge Advocate and Trial Attorney, United States Army (2008-2009)
Military Intelligence Officer and Counterintelligence Agent, United States Army (2002-2007)

Who’s in Your Supply Chain? Contractors Face Increasing Compliance Obligations and Restrictions

How well do you actually know your supply chain—from the materials you acquire to the software you include in your products or services? If you have not answered this question recently, you should consider adding it to your “to do” list. Not only does the U. S. Government want to know, it is increasingly imposing new compliance obligations on its contractors.

China Seeks Public Comments for Draft Cybersecurity Regulations

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

China Seeks Public Comments for Draft Regulations on Cybersecurity Multi-level Protection Scheme to Implement the Cybersecurity Law

NIST Releases Updated Cybersecurity Framework

Pursuant to Executive Order 13636, the National Institute of Standards and Technology (“NIST”) established the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, a technology-neutral, voluntary, risk-based cybersecurity framework that includes standards and processes intended to align policy, business, and technological approaches to ...

NIST Releases New Draft Publication Designed to Assist Contractors In Assessing Compliance with NIST SP 800-171

Ahead of the upcoming December 31, 2017 deadline for federal defense contractors to implement the security controls of National Institute of Standards and Technology (“NIST”) Special Publication 800-171 (“SP 800-171”), NIST has released a new draft publication designed to assist organizations in assessing compliance under SP 800-171, Draft Special Publication ...

Key Information Security Pointers from the FTC’s Stick with Security Guidance

Earlier this year, the FTC’s staff released a series of blog posts entitled Stick with Security that updated and expanded upon the prior Start with Security best-practices guide for information security practices. The Stick with Security series draws from FTC complaints, consent orders, closed investigations, and input from companies around the country to ...

National Cybersecurity Awareness Month Q&A with Ashden Fein

Ashden Fein’s Cybersecurity practice focuses on counseling clients who are preparing for and responding to cyber-based attacks on their networks, assessing their security controls and practices for the protection of data and systems, developing and implementing cybersecurity programs, and complying with federal and state regulatory requirements. Ashden has ...

Department of Justice Releases Guidance for Vulnerability Disclosure Programs

Last week, the U.S. Department of Justice (“DOJ”) released a voluntary framework for organizations to use in the development of a formal program to receive reports of network, software, and system vulnerabilities, and to disclose vulnerabilities identified in other organizations’ environments. This framework provides private entities a series of steps to ...

Manage Ransomware Risks Now

Last Friday may mark the start of a new era in cyber crime. The first worldwide ransomware attack, commonly dubbed “WannaCry,” emerged on May 12. The malware is believed to have infected more than 300,000 computers in 150 countries to date. A cyber criminal or ring of criminals, taking advantage of an exploit made available by the ShadowBrokers hacker group that ...

Reports Suggest New York DFS to Revise Proposed Cyber Regulations and Delay Implementation

Based on reports citing New York Department of Financial Services (“DFS”) sources (see here and here), DFS may propose a revised version of its first-in-the-nation cybersecurity regulations on December 28, 2016. That revision would be followed by a new 30-day comment period, with the revised regulations scheduled to take effect on March 1, 2017. This...… ...

Industry Reacts to New York’s Proposed Cybersecurity Regulation for Financial Services Institutions

On December 19, 2016, the New York State Assembly Standing Committee on Banks heard testimony about a proposed regulation introduced by the New York State Department of Financial Services that would require financial services companies to develop and implement cybersecurity programs to defend against cyber-attacks. As we covered when Governor Andrew Cuomo ...

NIST Releases Cybersecurity Guidance for Internet of Things

On November 15, 2016, the National Institute of Standards and Technology (NIST) released its final guidance providing engineering-based solutions to protect cyber-physical systems and systems-of-systems, including the Internet of Things (IoT), against a wide range of disruptions, threats, and other hazards. NIST Special Publication 800-160 (the “Guidance”) is ...

NIST Releases Cybersecurity Guide for Small Businesses

The National Institute of Standards and Technology (NIST) released guidance today designed to help small businesses improve their cybersecurity preparedness. The document, Small Business Information Security: The Fundamentals, is based on NIST’s 2014 Framework for Improving Critical Infrastructure Cybersecurity, a widely used cybersecurity framework ...

Will Cybersecurity Best Practices Morph into Cyber Mandates?

The federal government has been encouraging employers to adopt best practices to address both external and internal threats to critical business information and infrastructure. These best practices have included an important human resources element, including policies and programs covering current and former employees. For example, the Obama Administration ...

Cybersecurity Discussions at the 2015 G-7 Summit

On Monday, the 2015 G-7 Summit ended with the President and other Leaders of the G-7 focused generally on a wide range of economic, security, and development issues, and specifically discussing the energy sector’s cybersecurity posture. According to the White House, the Leaders “launched a new cooperative effort to enhance cybersecurity of the energy sector...… ...

Insider threats to cybersecurity — An HR legal perspective

Richard Shea, Lindsay Burke and Ashden Fein have authored this article on cybersecurity threats: "Cybersecurity threats can emanate not just from outside sources but from company insiders as well — including employees, executives, directors and contractors. According to NetDiligence’s 2014 Cyber Insurance Claims Study, roughly one-third of the reported events ...

View More View Less

Our Website Uses Cookies

Representative Matters

Pro Bono

Memberships and Affiliations

Previous Experience

News and Insights (Showing 5 of 25) (Showing 25 of 25)

Who’s in Your Supply Chain? Contractors Face Increasing Compliance Obligations and Restrictions

China Seeks Public Comments for Draft Cybersecurity Regulations

China Seeks Public Comments for Draft Regulations on Cybersecurity Multi-level Protection Scheme to Implement the Cybersecurity Law

NIST Releases Updated Cybersecurity Framework

Further Guidance for New Cyber Rule

NIST Releases New Draft Publication Designed to Assist Contractors In Assessing Compliance with NIST SP 800-171

Key Information Security Pointers from the FTC’s Stick with Security Guidance

National Cybersecurity Awareness Month Q&A with Ashden Fein

Highlights of DOD Industry Information Day on the DFARS Cyber Rule

Department of Justice Releases Guidance for Vulnerability Disclosure Programs

Manage Ransomware Risks Now

Reports Suggest New York DFS to Revise Proposed Cyber Regulations and Delay Implementation

Industry Reacts to New York’s Proposed Cybersecurity Regulation for Financial Services Institutions

NIST Releases Cybersecurity Guidance for Internet of Things

NIST Releases Cybersecurity Guide for Small Businesses

Cybersecurity: Steps to Take Before, During, and After an Incident

Insider Threats to Cybersecurity—Prevent, Prepare, and React Webinar

Ensuring best practices in the investigation of an incident

Cybersecurity: Recent CFTC and NFA Activity

Cybersecurity 2.0: The Role of Counsel in Addressing Destructive Cyberattacks

Will Cybersecurity Best Practices Morph into Cyber Mandates?

Insider Threats to Cybersecurity—Prevent, Prepare, React

Cybersecurity Discussions at the 2015 G-7 Summit

Insider Threats to Cybersecurity — An HR Legal Perspective

Insider threats to cybersecurity — An HR legal perspective

Practices

Industries

Education

University of North Carolina School of Law, J.D., 2007

U.S. Military Academy at West Point, B.S., 2001

Government Service

Bar Admissions