Profiles search
Scott J. S.
Head of Cybersecurity Law at Zoom | xMicrosoft | xU.S. Dept. of Justice | xWells Fargo
Seattle, WA, United States
Details
Education:
J.D.
Law
The College of William and Mary - Marshall Wythe Law School
Bachelor of Science (B.S.)
Computer Science
Millersville University of Pennsylvania
Harry S. Truman High School
Law
The College of William and Mary - Marshall Wythe Law School
Bachelor of Science (B.S.)
Computer Science
Millersville University of Pennsylvania
Harry S. Truman High School
Experience:
2021 : Present
Zoom
Head of Cybersecurity Law
2018 : 2021
Wells Fargo
Managing Counsel and SVP, Cybersecurity
Lead cybersecurity attorney for major financial institution's Information Security Division, encompassing 265k employees and $1.8 trillion in assets. Primary areas of responsibility include global incident response legal lead; data breach notification obligations under GLBA, HIPAA, state, and international laws; government regulatory information security compliance; drafting incident response playbooks, international employee monitoring privacy issues, cybersecurity advertising, and drafting/negotiating information security terms in large financial services contracts and business associate agreements. Lead attorney for CISO, provide analysis and participate with FSR, TCH, SIFMA, and other trade groups on information security regulations, and handle other cybersecurity and privacy related issues.
2015 : 2021
Wells Fargo
Senior Attorney, Cybersecurity
Lead Stroz Friedberg’s Seattle area office including overseeing the firm’s Seattle operations and key practice areas, including cybercrime and data breach response, digital forensics and ediscovery. Manage on-site digital forensics laboratory, supervise digital forensics, cybercrime and incident response investigations and end-to-end processing for all e-discovery engagements. Provide strategy, analysis and advice to senior executives, in-house lawyers and outside counsel concerning digital risk and investigations, as well as privacy. Data breach and cybercrime response experience includes large and complex investigations, often involving PHI, PCI and PII data. Clients include large Internet companies, public universities, healthcare organizations and online retailers.
2011 : 2014
Stroz Friedberg, LLC
Managing Director
Led Microsoft’s Regulatory Affairs domestic criminal compliance program to ensure compliance with data protection laws (including ECPA, FISA, Title III, etc.) concerning disclosure to governments of Microsoft’s online services customer data and communications, including Hotmail. Provided advice concerning data security and privacy laws, and refined Microsoft Online Terms of Use and Privacy statements.
Led Microsoft’s Internet Security programs for malicious code, botnets and spyware. Developed strategies and supervise investigations relating to identifying persons suspected of violating criminal and civil laws relating to the distribution of malicious code (worms and viruses), creating and using botnets, and installing spyware. Responsibilities include supervising a 1.5 million dollar budget and managing 5 technical investigators. Team Lead for Microsoft’s Internet Crimes Investigations team, that supports Microsoft’s Security Response Center by building systems to support investigations into malicious code writers/distributor. Manage online investigations and support support internal Network investigations, coordinate with numerous Privacy teams on data breaches and customer notifications, relating to data/account compromises.
• Led Microsoft’s investigation into the writer and distributor of the Zotob/Mytob worms and received FBI Exceptional Service Award for the investigation;
• Developed concept and project lead for Microsoft's PhotoDNA technology, used to detect, prevent and report distribution of images of containing child pornography.
• Created and led Microsoft's investigations resulting in several Law Enforcement sweeps of malware distributors known as BotRoast I and II.
2005 : 2011
Microsoft
Senior Attorney, Regulatory Affairs
Zoom
Head of Cybersecurity Law
2018 : 2021
Wells Fargo
Managing Counsel and SVP, Cybersecurity
Lead cybersecurity attorney for major financial institution's Information Security Division, encompassing 265k employees and $1.8 trillion in assets. Primary areas of responsibility include global incident response legal lead; data breach notification obligations under GLBA, HIPAA, state, and international laws; government regulatory information security compliance; drafting incident response playbooks, international employee monitoring privacy issues, cybersecurity advertising, and drafting/negotiating information security terms in large financial services contracts and business associate agreements. Lead attorney for CISO, provide analysis and participate with FSR, TCH, SIFMA, and other trade groups on information security regulations, and handle other cybersecurity and privacy related issues.
2015 : 2021
Wells Fargo
Senior Attorney, Cybersecurity
Lead Stroz Friedberg’s Seattle area office including overseeing the firm’s Seattle operations and key practice areas, including cybercrime and data breach response, digital forensics and ediscovery. Manage on-site digital forensics laboratory, supervise digital forensics, cybercrime and incident response investigations and end-to-end processing for all e-discovery engagements. Provide strategy, analysis and advice to senior executives, in-house lawyers and outside counsel concerning digital risk and investigations, as well as privacy. Data breach and cybercrime response experience includes large and complex investigations, often involving PHI, PCI and PII data. Clients include large Internet companies, public universities, healthcare organizations and online retailers.
2011 : 2014
Stroz Friedberg, LLC
Managing Director
Led Microsoft’s Regulatory Affairs domestic criminal compliance program to ensure compliance with data protection laws (including ECPA, FISA, Title III, etc.) concerning disclosure to governments of Microsoft’s online services customer data and communications, including Hotmail. Provided advice concerning data security and privacy laws, and refined Microsoft Online Terms of Use and Privacy statements.
Led Microsoft’s Internet Security programs for malicious code, botnets and spyware. Developed strategies and supervise investigations relating to identifying persons suspected of violating criminal and civil laws relating to the distribution of malicious code (worms and viruses), creating and using botnets, and installing spyware. Responsibilities include supervising a 1.5 million dollar budget and managing 5 technical investigators. Team Lead for Microsoft’s Internet Crimes Investigations team, that supports Microsoft’s Security Response Center by building systems to support investigations into malicious code writers/distributor. Manage online investigations and support support internal Network investigations, coordinate with numerous Privacy teams on data breaches and customer notifications, relating to data/account compromises.
• Led Microsoft’s investigation into the writer and distributor of the Zotob/Mytob worms and received FBI Exceptional Service Award for the investigation;
• Developed concept and project lead for Microsoft's PhotoDNA technology, used to detect, prevent and report distribution of images of containing child pornography.
• Created and led Microsoft's investigations resulting in several Law Enforcement sweeps of malware distributors known as BotRoast I and II.
2005 : 2011
Microsoft
Senior Attorney, Regulatory Affairs
Company:
Zoom
Years of Experience:
31
Skills
Computer Forensics, Computer Security, Courts, Criminal Investigations, Criminal Law, Cybercrime, Cybercrime Investigation, Data Privacy, Data Security, Digital Forensics, Enforcement, Evidence, Firearms, Forensic Analysis, Fraud, fraud investigations, Incident Response, Information Security, Information Security Management, Intellectual Property, Internet Security, Investigation, Law Enforcement, Leadership, Litigation, Litigation Support, National Security, PCI DSS, Policy, Privacy Law, Private Investigations, Program Management, public policy, Risk Assessment, Security, Security Audits, Security Management, Strategy, Trials, Vulnerability Assessment
Profile Photo
