Overview

Sean is a partner in the Portland office and chair of the national Constangy Cyber Team. His background includes over 25 years of experience with data privacy and information security matters.

Sean is a former cyber attorney for the U.S. Department of Justice, where he served as the lead cyber attorney for the U.S. Attorney's Office in Oregon and worked with the Computer Crime & Intellectual Property Section in Washington, D.C. During that time, he worked closely with the FBI, the Secret Service, and other federal agencies in investigating and prosecuting complex white collar and high-tech cybercrime. Sean was also honored twice with the Director’s Award, one of the highest awards bestowed upon Assistant U.S. Attorneys.

He has been recognized for his leadership in the data privacy and cybersecurity space, having been named by the Cybersecurity Docket as one of the best and brightest data breach response lawyers in the business. His credentials include being a Global Information Security Professional (GISP), a Certified Information Systems Security Professional (CISSP), and a Certified Information Privacy Professional for United States law (CIPP/US). In managing the national Constangy Cyber Team, Sean continues to manage responses to complex data breaches and works with information security personnel and corporate executives in managing and mitigating cyber risk.

Honors & Recognition

  • Incident Response 50 for 2023, 2024, 2025, selected by Cybersecurity Docket as one of the 50 best data breach response lawyers in the business
  • 2021 Distinguished Alumni Award, Linfield University Alumni Association
  • Incident Response 40 for 2021 and 2022, selected by Cybersecurity Docket as one of the 40 best and brightest data breach response lawyers in the United States
  • Incident Response 30 for 2020, 2019, 2018, selected by Cybersecurity Docket as one of the 30 best and brightest data breach response lawyers in the United States

View More

  • Outstanding Support, Dedication, and Contribution to Federal Law Enforcement in the District of Oregon, Federal Law Enforcement Officers Association, Portland, Ore., 2014
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director James B. Comey, 2014
  • Outstanding Assistance and Support on Behalf of the Investigative and Protective Responsibilities of the Secret Service, United States Secret Service Director Julia A. Pierson, 2014
  • Exemplary Efforts on Defense Criminal Investigative Service Investigations, Defense Criminal Investigative Service Office of Inspector General, 2014
  • Outstanding Efforts In Support of the U.S. Postal Inspection Service’s Mission of Protecting the U.S. Mails from Criminal Activity, United States Postal Inspection Service, 2014
  • Appreciation for Protecting the Integrity of the Social Security Number, Social Security Administration Office of Inspector General,2014
  • Outstanding Dedication and Exemplary Service to the United States Attorney’s Office, District of Oregon, 2014
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director Robert S. Mueller, III, 2010
  • Assistant Attorney General’s Award for Intra-Departmental Cooperation, Assistant Attorney General Matthew Friedrich, 2008
  • Superior Contributions to the Law Enforcement Responsibilities of the United States Secret Service, United States Secret Service, 2007
  • Dedication and Commitment to the Prosecution of Complex Financial Crimes, Internal Revenue Service Criminal Investigation Division, Portland Field Office, 2005
  • Director’s Award, Executive Office for United States Attorneys (EOUSA), 2004
  • Outstanding Assistance to the FBI, FBI Director Robert S. Mueller, III, 2002
  • Outstanding Prosecutive Skills and Assistance to the FBI, FBI Director Louis J. Freeh, 2001
  • Achievements and Contributions to the Department of Justice, Attorney General Janet Reno, 2000
  • Director’s Award, EOUSA,1997
  • Outstanding Contributions in the Field of Drug Law Enforcement, DEA, 1997

Experience

Representative Matters

General information security consulting

Provides guidance to clients across all industry sectors on commercially sound measures to strengthen their corporate information security posture. This often involves assessing  the sufficiency of security controls to mitigate risk against current malicious threats. It also involves reviewing and revising incident response plans, business continuity and emergency operations plans, information security policies and procedures, and third-party contract and vendor management programs. His years of experience as a cyber attorney and a data breach first responder provide unique insights and inform his proactive work.

Incident response planning

Provides assistance drafting or revising incident response plans. This includes identifying and involving important stakeholders, ensuring placement with appropriate cyber liability insurance products, facilitating engagements with other incident response service providers such as digital forensics firms, and introductions to law enforcement personnel. It also involves assessing consumer, regulatory and contractual incident notification obligations, and preparing templates to meet them.

Tabletop exercises

Incorporates over 25 years of data privacy and information security experience in facilitating enterprise-wide, cross-functional exercises to test organizational incident response plans. The exercises include key stakeholders to help them understand their roles and responsibilities in responding to a data security event and as an extension of their organizational information security team. The exercises are also focused upon enhancing existing incident response plans.

Incident response services

Oversees a national team of legal and administrative professionals who assist businesses in responding to data security incidents. This team has managed responses to thousands of data breaches. They staff Constangy's 24/7 data breach hotline and serve as project managers to facilitate a rapid response to any type of data security incident. Each project manager has substantial expertise managing responses to data breaches, and provides an initial impact assessment in order to facilitate appropriate responsive resources to contain, analyze, investigate, and remediate the matter. This often involves digital forensics, crisis management and communications, and consumer notification and remediation services (e.g., credit monitoring, and/or identity protection services). They also assess consumer, regulatory and contractual incident notice obligations and help businesses comply with them. They also interface with law enforcement, the media and regulatory officials as necessary. While managing Constangy’s national incident response team, he also personally manages responses to complex data breaches with the support of the team.

Data breach-related defensive litigation

Assists clients who are subject to class action complaints or third-party demands arising from data privacy and/or security incidents. As a former litigator for the U.S. Department of Justice, he works with Constangy’s extensive litigation resources in over 20 states with over 30 attorneys to ensure clients are well represented in data privacy and/or security-related defensive litigation matters.

Employee/Board/Executive training

Assists clients in identifying and prioritizing employee training requirements for network security awareness, creating tailored training for employees, and briefing boards of directors and executives about information security threats, regulatory developments, and enterprise risk mitigation measures. He is often asked to provide business impact analyses addressing appropriate allocation of resources for information security.

Information system vulnerability testing and penetration testing

Assists clients with sourcing appropriate vendors, defining reasonable scopes, facilitating the execution of contracts, supervising confidential vulnerability assessments and penetration testing, and reviewing and editing draft reports to ensure accuracy and a format suitable for disclosure to third-parties, if necessary.  The facilitation of these services is typically subject to the Attorney-Client Privilege and the Work-Product Doctrine to provide the highest level of confidentiality.

Digital forensics services

Assists clients with sourcing appropriate vendors, defining reasonable scopes, facilitating the execution of contracts, overseeing digital forensics investigations, and reviewing and editing preliminary reports to ensure accuracy. The facilitation of these services is typically subject to the Attorney-Client Privilege and the Work-Product Doctrine to provide the highest level of confidentiality.

Information security policies and procedures

Assists clients in identifying and defining necessary information security policies and procedures. This includes reviewing existing policies and procedures, providing suggested revisions to them, and creating policies and procedures as necessary.

Law enforcement and regulatory investigations

Assists clients in responding to government investigative requests arising out of data privacy and security events. This may involve representation during interviews, and often requires assembling relevant documentation, including policies and procedures, and/or summarizing complex technological and digital forensics information in summary reports appropriate for disclosure to law enforcement and regulatory officials.

Credentials

Education

University of Oregon School of Law

  • J.D., 1987
  • Moot Court Board
  • National Mock Trial Team
  • President, Student Bar Association
  • Centurion Award

Florida State University

  • M.S., Higher Education Administration, 1981

Linfield University

  • B.A., English and Psychology, 1980
  • President, Associated Students of Linfield College
  • Football and baseball teams

Media

News

Constangy Streaming

Professional & Civic Associations

Professional

Certifications

  • Certified Information Systems Security Professional (CISSP) through the International Information System Security Certification Consortium (ISC2)
  • Global Information Security Professional (GISP) through the Global Information Assurance Certification
  • Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)

Prior Experience

  • Assistant United States Attorney, United States Department of Justice, District of Oregon, Portland, Ore., 1991-2014
  • Assistant District Attorney, Lane County District Attorney’s Office, Eugene, Ore., 1987-1991

Admissions

  • Oregon, 1987
    Washington, 2015
    District of Columbia, 2015
    U.S. Supreme Court, 1997
    U.S. Court of Appeals, Ninth Circuit
    U.S. District Court - OR

“Do or do not. There is no try.” 

Yoda, Grand Master of the Jedi Order
Jump to Page

Constangy, Brooks, Smith & Prophete, LLP Cookie Preference Center

Your Privacy

When using this website, Constangy and certain third parties may collect and use cookies or similar technologies to enhance your experience. These technologies may collect information about your device, activity on our website, and preferences. Some cookies are essential to site functionality, while others help us analyze performance and usage trends to improve our content and features.

Please note that if you return to this website from a different browser or device, you may need to reselect your cookie preferences.

For more information about our privacy practices, including your rights and choices, please see our Privacy Policy. 

Strictly Necessary Cookies

Always Active

Strictly Necessary Cookies are essential for the website to function, and cannot be turned off. We use this type of cookie for purposes such as security, network management, and accessibility. You can set your browser to block or alert you about these cookies, but if you do so, some parts of the site will not work. 

Functionality Cookies

Always Active

Functionality Cookies are used to enhance the functionality and personalization of this website. These cookies support features like embedded content (such as video or audio), keyword search highlighting, and remembering your preferences across pages—for example, your cookie choices or form inputs during submission.

Some of these cookies are managed by third-party service providers whose features are embedded on our site. These cookies do not store personal information and are necessary for certain site features to work properly.

Performance Cookies

Performance cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.

Powered by Firmseek