Bio

Allison Bender counsels Fortune 50 companies and startups in a range of industries on cybersecurity and privacy matters in the U.S. and internationally. Drawing from her roots in government, national security, and R&D, she helps clients navigate legal issues associated with emerging technologies and aids clients in strategically managing legal, financial, and reputational cybersecurity risks. Allison translates technical, operational, legal, and policy issues to create practical solutions for clients’ legal challenges. Her cybersecurity and national security preparedness counseling is informed by over 80 incident response efforts. When drafting corporate policies and considering product design options, Allison’s advice is seasoned in the management of breaches involving personal data, intellectual property, payment card information, export controlled technical data, and other regulated information. Her experience also extends to counseling on cybersecurity and national security due diligence in mergers and acquisitions, vendor management, and transactions.

Most recently at Hogan Lovells, Allison focused on cybersecurity matters including preparedness, risk management, incident response, engagement with law enforcement, and public policy strategies. Before joining Hogan Lovells, Allison served as a cybersecurity attorney at the Department of Homeland Security (DHS), where she advised the Office of Cybersecurity & Communications on cybersecurity and privacy laws, regulations, and policies.

From DHS, Allison brings experience in incident response as well as cybersecurity policy, information sharing, liability, and incentives. She was the primary operational legal counsel for the federal response to the Heartbleed vulnerability, the USIS-KeyPoint data breach, and the Healthcare.gov data breach. She served as Chair of the Automated Indicator Sharing Privacy & Compliance Working Group, provided primary legal advice for the implementation of Executive Order 13691 regarding Information Sharing and Analysis Organizations (ISAOs) and private sector clearances, advised the DHS Cyber Information Sharing and Collaboration Program (CISCP); and advised the Interagency Task Force implementing Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” Presidential Policy Directive 21, “Critical Infrastructure Security and Resilience,” focusing on the “NIST Cybersecurity Framework,” development of the Section 9 list, classified and unclassified information sharing, liability, and incentives. Allison was also principally involved in DHS policy efforts related to cybersecurity export controls, particularly Wassenaar implementation.

Before focusing on cybersecurity, Allison spent six years at DHS negotiating complex international and domestic multimillion dollar research and development agreements in a variety of emerging science and technology areas. She served as Chief Negotiator for the United States Government on nine legally binding international agreements. She led the oversight of over $1 billion in DHS activities, leading compliance programs for export controls and treaty and regulatory compliance. Allison also spent four years as primary counsel for the SAFETY Act, providing legal advice on legislation that protects companies with antiterrorism technologies, laying the groundwork for many of the policies and procedures for its current operation and reviewing over 500 applications.

Allison received her L.L.M. in National Security Law, with distinction, from Georgetown University in 2012, a J.D. from Washington & Lee University in 2006, and a B.A. from the University of Virginia in 2003.

Email Disclaimer

Unsolicited e-mails and information sent to ZwillGen will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with ZwillGen. If you are not already a client of ZwillGen, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.