Our Website Uses Cookies 

We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.

For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

Steve Surdu, a non-lawyer, has more than thirty years of experience in information technology consulting. He assists clients in a variety of computer security areas such as assessing security threats, priorities, and capabilities. He provides information security subject matter expertise to clients so they can use that information to better position their products or deliver their own services.

  • Provided onsite and remote incident response investigative support to clients involved with breach situations. The assistance has been wide-ranging and includes activities such as performing detailed analysis tasks within the technical response teams, critiquing the quality of the support provided by incident response teams, developing investigative approaches, designing remediation plans, enhancing status reporting structure/content and providing quality assurance on deliverables produced by the technical teams.
  • Supported CFIUS matters in a variety of ways including: evaluating the technical security posture of organizations, critiquing their approaches for isolating sensitive information from unauthorized entities and evaluating the technical capabilities/governance of the entities involved in the transaction.
  • Worked with clients to develop evidence preservation approaches that would be both responsive to government requests while minimizing the technical and administrative burden on the client.
  • Determined the existence and availability of non-public intelligence available to support specific litigation strategies.
  • Supported clients with a variety of technical issues such as: identifying non-US incident response practitioner licensing requirements, providing input on the quality of potential security outsourcers, comparing/contrasting competing security products and educating staff on the merits/challenges of various security approaches.

Previous Experience

  • Mandiant, Vice President of Professional Services