Mark L. Krotoski

Before his 2014 move to a partnership at Morgan Lewis, Krotoski spent nearly 20 years honing his skills as a cyber crimes prosecutor, tackling some of the country’s toughest cases and learning how to think strategically about the intersection of technology and the law.

Krotoski got his start as a federal prosecutor in 1995 with the then recently created Computer Hacking and Intellectual Property Program, a nascent arm of the U.S. attorney’s office in the Northern and Eastern Districts responsible for policing cyber crimes at a time when the Silicon Valley’s tech scene was blossoming.

Over the years, Krotoski rose through the ranks and eventually became the national coordinator of the program, overseeing more than 250 federal prosecutors.

During that time he helped prosecute Russian hacker Aleksey V. Ivanov, whose case helped set standards for subject-matter jurisdiction for computer-related crimes committed by individuals outside the country, and Philip Gabriel Pettersson, a Swedish national who perpetrated a worldwide cyberattack that crippled the U.S. military and NASA.

Today, Krotoski helps national corporations protect themselves against attacks and advises clients on antitrust cartel investigations, but his experience in the public sector guides his current practice every day.

“That background informs the way I approach cybersecurity for clients today,” Krotoski said, adding that his experience overseeing investigations and securing technical evidence during trials as a prosecutor were the two most valuable skills he learned in that role.

Now, most of his work, whether it’s helping clients with cyber extortion and ransomware or business email compromise, is confidential. Last year he advised a large international company on launching a virtual assistant service, known as a chatbot. The work required Krotoski to survey all United States jurisdictions and those of 130 different countries, each of which has taken its own unique approach to developing legal standards for emerging technology.

He also resolved that last in a series of cases filed against a “major consumer electronics manufacture,” which involved patents encompassing a wide range of patents including virtual assistant features on consumer electronics.

Much like his former prosecutor self, Krotoski said that he always takes the long view of things, especially when receiving a cyber breach alteration, which can happen at any minute. While thinking about how to help the company in the short term, Krotoski thinks about how the breach might look to the Department of Justice, the Securities and Exchange Commission or the Federal Trade Commission, in case they make inquiries.

“That multiple-track approach is important in helping the client, because when we respond to the incident, the consequences of what you do on the front end may have long-term consequences down the road,” he said.

— Nicolas Sonnenburg