Photo of David A. Simon

David Simon is a partner in Mayer Brown's Washington DC office and a leading member of the global Cybersecurity & Data Privacy practice. He is also a member of the firm's National Security and Government Contracts practices. A former special counsel at the US Department of Defense (DoD) and chief cyber counsel to the US Cyberspace Solarium Commission, David has deep experience advising victims of ransomware attacks and state-sponsored cyber activity. Named as a Cybersecurity Trailblazer by The National Law Journal, David has also been named to Cybersecurity Docket’s “Incident Response 40,” a collection of 40 of the “best and brightest” incident response attorneys in the country. David regularly supports clients as the lead investigator and crisis manager for cross-border cyber incidents, including data breaches involving personal data, nation-state threats targeting intellectual property, state-sponsored theft of sensitive U.S. government information, and destructive attacks. David has directed and advised on dozens of complex cyber incident and data breach investigations in the last few years alone. He has counseled companies on major cyber incidents and incident preparedness across virtually every sector of the economy. David represents financial institutions, automotive manufacturers and self-driving car companies, tech companies, telecommunications companies, healthcare companies, insurance companies, defense and aerospace companies, private equity firms and their portfolio companies.

Read David's full bio.

This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (SEC). These enforcement actions highlight the SEC’s scrutiny of written documentation and disclosures following incidents. In this National Cybersecurity Awareness Month Legal Update, we discuss the SEC’s recent cyber enforcement actions,

On June 11, 2021, the US Securities and Exchange Commission (SEC) announced that it would focus on cybersecurity disclosures made by public companies as part of its regulatory agenda. Given the SEC’s continued interest in cybersecurity issues, high-profile ransomware attacks and executive orders issued by President Biden, it is no surprise that the SEC is