Photo of Marcus A. Christian

Marcus Christian is a co-leader of the Washington DC Litigation & Dispute Resolution practice and a partner in Mayer Brown's Cybersecurity & Data Privacy practice and White Collar Defense & Compliance group. Since joining Mayer Brown in 2013, Marcus has represented clients in matters involving data security planning, board governance of cybersecurity, cyber fraud, data breach response, and congressional investigations, among others.

Marcus is a recognized leader in cybersecurity. He has been named to Cybersecurity Docket's "Incident Response 30," recognizing 30 of the "best and brightest data breach response lawyers in the business" three times. The publication also noted that those recognized "have established themselves as the 'first call' for companies hit with a cyber attack or other data security incident." Marcus was also named to the Washingtonian’s Top Lawyer list in 2018 and 2019.

Read Marcus's full bio

The United States Supreme Court recently issued its decision in Dobbs v. Jackson Women’s Health Org., ––– U.S. –––, 2022 WL 2276808 (2022), overturning Roe v. Wade, 410 U.S. 113 (1973), and Planned Parenthood of Southeastern Pennsylvania v. Casey, 505 U.S. 833 (1992). In holding that the U.S. Constitution does not protect

Strengthening the nation’s cybersecurity has been a top priority for the Biden administration, as reflected in its collaboration with industry, regulatory actions, and the legislation it has supported in Congress, including the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Executive action has been a key tool in the Biden administration’s cyber policymaking toolkit.

On March 29, 2022, the US federal banking regulators released instructions on how financial institutions should comply with recently adopted computer-security incident notification requirements.1 These instructions will assist financial institutions in satisfying their obligations under the new requirements once compliance is required on May 1, 2022.

Continue reading.

The upshot, for busy people:

  • Realizing value and managing risk in investments and acquisitions of digital assets businesses means understanding several key areas of the target’s business—among them, cybersecurity, data privacy and regulatory positions.
  • This is particularly challenging in light of the pace of innovation in these technologies and the intersecting, evolving regulations that apply

On March 15, 2022, President Biden signed into law the Consolidated Appropriations Act, 2022, H.R. 2471. Division Y of this omnibus appropriations legislation—the Cyber Incident Reporting for Critical Infrastructure Act of 2022—will create significant new rules requiring US critical infrastructure entities to report cybersecurity incidents and ransom payments to the US government. This legislation marks

After months of diplomatic engagement, the early morning of February 24, 2022 saw what President Biden called an “unprovoked and unjustified attack by Russian military forces” on Ukraine. Numerous news reports also have described significant cyber attacks against Ukrainian systems. According to those reports, these attacks follow multiple waves of cyber attacks in the past

Our Global Insurance Industry Year in Review is now in its 10th year. In this report, we discuss developments and trends in insurance industry transactions over the past year, with a particular focus on mergers and acquisitions, corporate finance, insurtech, the insurance-linked securities and convergence markets, as well as tax, regulatory and litigation developments.

A

On November 18, 2021, the Board of Governors of the Federal Reserve System (“Federal Reserve”), Office of the Comptroller of the Currency (“OCC”) and Federal Deposit Insurance Corporation (“FDIC,” collectively with the Federal Reserve and OCC, the “Federal Regulators”) finalized new cyber incident notification requirements for institutions that they regulate and their service providers (the

On October 22, 2021, the New York Department of Financial Services (“NYDFS”) issued an interpretive letter that provides guidance on how entities regulated by NYDFS (“Covered Entities”) may comply with the NYDFS Cybersecurity Regulation by adopting the cybersecurity program of an affiliate (“Affiliate Program Letter”).1 According to the Affiliate Program Letter, a Covered Entity

Our Cyber Perspectives series presents broad-ranging discussions with those contending with cybersecurity threats from the front lines.

Please join Mayer Brown’s Marcus Christian in conversation with Burt Fealing, Executive Vice President, General Counsel, Compliance and Corporate Secretary at Southwire Company. Topics will include:

  • Key lessons for corporate leaders about cybersecurity readiness
  • Evolution in the role