Alex Iftimie

SAN FRANCISCO - A co-chair of Morrison Foerster's global risk and crisis management group with a specialty in cybersecurity, Alex Iftimie utilizes his experience as a former senior national security official at the U.S. Department of Justice to advise clients on some of the largest and most consequential security matters. Among his notable cases, Iftimie, while with the Department of Justice, handled the investigation and prosecution of Russian election meddling ahead of the 2018 midterm elections.

"The case shined a spotlight on continued Russian efforts to sow discord in the U.S. political system and to undermine faith in our democracy," he said. "I'm a first-generation American whose parents fled communism in favor of the democratic institutions we have here--playing a part in protecting those institutions was gratifying beyond measure."

At the forefront of cybersecurity laws, Iftimie, as a partner at Morrison Foerster, works on building cyber resilience and fighting cybercrime across the globe.

Over the past two years, he's represented FireEye, a security company, in an investigation that led to the discovery of the SolarWinds compromise, which resulted in one of the largest cyberattacks of its kind against U.S. government agencies and corporations. The attack was led by a hacker group reportedly linked to Russian foreign intelligence.

"That investigation was a defining moment for the cybersecurity community, both in terms of exposing a widespread espionage campaign and by putting a spotlight on software supply chain risks," Iftimie said. "The SolarWinds compromise discoveries are also the impetus for the cybersecurity executive order and other policy and legislative developments of the last two years."

Iftimie has advised another SolarWinds-related investigation at a Fortune 50 company and has directed numerous other clients on emerging supply chain risks.

In 2020, Iftimie represented Cognizant, one of the largest IT management service providers, in its investigation into a Maze ransomware attack. The company was later praised for its transparent response, holding conference calls with customers and making individual client calls to reassure them the company was working to contain the threat.

Iftimie also recently represented a major government contractor that was targeted because of its work for the U.S. government, directing the internal investigation and advising on breach response, regulatory and contractual obligations and interactions with government agencies.

Iftimie said one of the things he loves most about the field of cybersecurity law is that it's constantly evolving, with new threats and new legal requirements popping up daily.

"It means staying on top of a complex set of rules across agencies and across jurisdictions and helping clients come up with practical ways to comply," he said, adding that the most rewarding part of his job is helping clients "see around the corner in a crisis."

"The reality is that everyone is vulnerable," he said. "The quality of a company's response to a crisis ultimately has a greater impact on a company's reputation and trust than whether that company was hacked in the first place."