Search Our Website:
Michael G. McLaughlin

Michael G. McLaughlin

Principal, Government Relations

Cybersecurity and Data Privacy Practice Group Co-Leader

Washington, DC

How Michael Helps Clients 

Michael advises clients in matters involving cybersecurity, public policy and government relations. Michael helps clients navigate the complexities of cybersecurity, data privacy and the related regulatory landscape. He has a great depth of experience assisting clients in cybersecurity incident response and remediation, regulatory compliance, and establishing effective data privacy programs.

Michael’s government contract law practice includes Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) compliance; Cybersecurity Maturity Model Certification (CMMC); bid preparation, protests, and disputes; and contract management.

Michael served in the United States Navy as a Naval Intelligence Officer for more than a decade. He spent his naval career leading and advising global technology-driven enterprises and led multinational teams in solving complex national security challenges.

Michael served in multiple postings worldwide, including Senior Counterintelligence Advisor for United States Cyber Command and Chief of Counterintelligence and Human Intelligence for the Cyber National Mission Force where he directed all counterintelligence, human intelligence, and law enforcement operations, investigations, and support to the Department of Defense's global cyberspace operations.

In his role as a cyber policy research affiliate for the Applied Research Laboratory for Intelligence and Security at the University of Maryland, Michael advised senior government officials on the integration and expansion of Department of Defense cyberspace capabilities.

What Clients Can Expect

Michael helps clients navigate the complexities of cybersecurity and the related legislative landscape. He combines creativity, technical acumen and operational execution to build strategies that serve client objectives.

Outside the Office 

Originally from Pittsburgh, Pennsylvania, Michael has lived all over the world. When not working, he enjoys traveling, running, hiking, writing and spending time with family. 

Michael also devotes time to supporting non-profit organizations focused on advancing diversity, equity, and inclusion in the cybersecurity community, including The Cyber Guild and Uniting Women in Cyber. I am passionate about building relationships and leading high-performance teams to achieve success and deliver results.

Proof Points

  • Assisted a Fortune 500 publicly traded company respond to and recover from a complex ransomware attack. Developed a framework for determining non-materiality under the Security and Exchange Commission's cybersecurity rules and assisted the client navigate an SEC inquiry.
  • Led response efforts for a financial sector entity affected by a sophisticated ransomware attack that targeted over 100 banks and credit unions. Implemented remediation strategies to restore operations swiftly and enhance cybersecurity posture against future threats.
  • Orchestrated a collaborative response to a ransomware attack on a Department of Defense prime contractor handling highly sensitive government and personal information. Coordinated closely with the FBI and Department of Defense to investigate the incident thoroughly and implement robust security measures to prevent future breaches.
  • Managed a high-stakes investigation into business email compromise and wire fraud targeting a rapidly expanding company involved in frequent M&A activities. Worked in conjunction with the US Secret Service to trace and recover a significant portion of the misappropriated funds, safeguarding the company's financial integrity.
  • Coordinated a multifaceted response to ransomware attacks on multiple business associates within the health care sector. Collaborated with covered entities, the US Department of Health and Human Services, and the FBI to contain the breach, assess data exposures, and fortify cybersecurity protocols to mitigate future risks effectively.
  • Directed the response to a ransomware attack on a professional sports team and entertainment complex, ensuring swift containment of the incident and implementing robust security measures to protect sensitive data and critical operations from further cyber threats.
  • Assisted in the development and management of a cybersecurity incident materiality determination framework under the SEC Cybersecurity Rules for multiple publicly traded companies.
  • Developed and delivered bespoke cybersecurity tabletop exercises to individual organizations, tailored to industry-specific threats and regulatory requirements.
  • Co-authored Battlefield Cyber: How China and Russia are Undermining our Democracy and National Security (Prometheus, 2023).
  • Twice awarded the Defense Meritorious Service Medal for actions leading joint and interagency teams on behalf of the U.S. Department of Defense.