Heidi L. Wachs is Managing Director, Engagement Management, and head of the Washington, D.C. office of Stroz Friedberg, an Aon Company, where she helps clients prepare for and respond to data breach and cybersecurity incidents and develop and implement data privacy and information security programs. Ms. Wachs oversees complex investigations involving the collection, use, and sharing of data and personal information, in particular through the use of APIs, scraping, hacking, cookies, and other third-party web page integrations. Ms. Wachs' experience includes serving as a technical analyst and Chief Privacy Officer for a leading national research university, and she frequently lectures and publishes on best practices for data privacy and breach response, information security, and information governance. 

Ms. Wachs has led numerous incident responses to ransomware attacks, business e-mail compromises, wire transfer fraud, malware infections, and large scale data breaches involving personal information. She advises clients and works closely with in-house and outside counsel through the entire lifecycle of matters by quickly assembling digital forensics and incident response teams, supervising the deployment of proprietary incident response technologies, briefing C-suite executives and other business and legal stakeholders, and coordinating supplemental resources across multiple practice areas, such as the intelligence division to conduct deep and dark web monitoring. 

In proactive matters, Ms. Wachs guides companies in developing and implementing information governance and information security policies, programs, and procedures, including leading tabletop exercises for executives and technical teams. Ms. Wachs has also co-led large-scale investigations to assist clients in understanding and reviewing their data collection, use, and retention policies. These complex technical and privacy investigations, including retroactive reviews, enable companies to identify historical and ongoing abuse of APIs and help clients to remediate the excessive collection, unauthorized sharing, misuse, and unauthorized scraping of data by third parties.

Learn more about Heidi L. Wachs here!

Stephen Reynolds (CIPP/US, CISSP), a partner at McDermott Will & Emery, advises some of the largest companies in the world on complex data security and privacy matters.

A former computer programmer and IT analyst, Stephen is uniquely able to and routinely uses his computer background to the advantage of his clients in matters involving data security, privacy, artificial intelligence, and computer forensic investigations. He assists with responding to cybersecurity incidents, such as ransomware attacks, fund transfer fraud, data breaches and business email compromise matters. Having litigated data security and privacy cases from the trial court level and through the highest levels of appeals, Stephen also represents clients in litigation and regulatory investigations regarding data security, privacy and technology matters.

Stephen frequently educates others on data security and privacy at industry conferences and other forums. In addition, Stephen is an instructor for the CISSP certification through the ISC (2). He also lectures on Data Security and Privacy Law at Indiana University Robert H. McKinney School of Law.

Jorge Valencia Ostos is a dedicated professional specializing in advising national and international companies on their commercial relationships. In the early years of his career, he focused on providing legal certainty to his clients, but he soon discovered his true passion: working directly in business and making a positive impact on organizations and their people.

Currently, Jorge works in sales within the technology industry, where he has realized the importance of staying updated with new tools and trends to enhance processes and transform the way business is conducted. His proactive approach and commitment to innovation make him a valuable ally for organizations seeking to grow and adapt in a changing environment.