Cyber Enforcement Trends: What They Mean for CISOs & Other Executives in the New Line of Fire

Webinar | April.30.2024

It had been four months since our last conversation about the regulatory and enforcement focus on information security and technology executives.

The SEC had upped the ante in its enforcement action against SolarWinds and its Chief Information Security Officer Tim Brown, and there were more investigations afoot related to other major security incidents. They were not alone. Not only had the FTC and other regulators focused on individuals, but the DOJ had also recently reaffirmed its view that the best way to effect corporate change was to focus on individuals. The landscape was continuing to evolve – and there was more happening behind the scenes.

Three experienced legal advisors and a leading CISO on the front lines of these trends discussed ideas for how they could prepare.

Aravind Swaminathan, Partner, Global Co-Chair, Cybersecurity and Data Privacy, Orrick, Herrington & Sutcliffe
Jerry Archer, Senior Advisor, McKinsey & Company (Former CISO for Sallie Mae)
Luke Dembosky, Partner, Co-Chair, Global Data Strategy and Security practice
Ken Herzinger, Global Co-Chair, Investigations and White-Collar Defense, Paul Hastings

Our People

Aravind Swaminathan Partner, Cyber, Privacy & Data Innovation, Class Action Defense

Seattle; Boston

See my bio

Practice:

Finance Sector
Technology & Innovation Sector
Cyber, Privacy & Data Innovation
Class Action Defense
White Collar, Investigations, Securities Litigation & Compliance
Government Investigations and Enforcement Actions
Trials
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Aravind Swaminathan Partner

Seattle; Boston

A leading cybersecurity and online safety authority, Aravind is recognized by Chambers USA in Privacy and Data Security in both Litigation and Incident Response. Clients describe him as “a very talented lawyer experienced with incident responses” and “incredibly responsive and technically savvy.”

Aravind’s deep knowledge of his clients’ business objectives and technological capabilities distinguishes him as a strategic advisor and frontline crisis responder. He advises some of the world’s leading online platforms, public and private financial institutions, tech companies, higher education institutions, and critical infrastructure providers on cybersecurity, and their obligations to monitor and remove harmful or illegal content online and root out instances of child exploitation.

He is adept at guiding companies through cybersecurity incidents, having directed more than 500 data breach investigations, including enterprise-wide network intrusions to cyberattacks with national security implications. Aravind defends clients in an array of cybersecurity and privacy class actions and regulatory enforcement actions brought by the SEC, FTC, NY DFS and State AGs, and also represents individual C-level executives in criminal and civil regulatory enforcement matters.

As a former assistant United States attorney, he investigated and prosecuted a broad array of cybercrime, child exploitation cases, digital crimes, and white-collar crime cases. This first-hand knowledge of federal agencies allows him to navigate the system, partner with investigators and find creative solutions for clients.

Aravind is a member of Orrick’s Board of Directors, and he devotes much of his free time to advising independent schools on AI, online safety, and cybersecurity, and teaching and coaching.