Privacy + Security Advisors
Areas of Focus:
Our Privacy + Cyber team includes prominent former industry chief privacy officers, chief information security officers, and consulting/auditing professionals, as well as individuals who served with or as consultants to the Federal Trade Commission, U.S. Department of Health and Human Services, the Office of Civil Rights, the Consumer Financial Protection Bureau, the Securities and Exchange Commission, and state attorneys general. As a result, our unique integrated team and front-line industry experience extend our range of services beyond those offered by other law firms, including legal, technical, forensic, AI, data, and compliance capabilities.
Our innovative approach and combination of talent are one reason the Financial Times shortlisted our firm for its 2023 Innovative Lawyers in Cyber Security & Data Protection award, one of only five such practices in North America.
Marc has over 25 years of experience in providing consulting, legal, and audit services on privacy and cybersecurity matters, including senior-level positions at PricewaterhouseCoopers, Varo Money, Promontory Financial Group, and LPL Financial. He leads many of our FTC audits, develops information security and privacy policies and procedures, and advises on vendor management/business process outsourcing functions, anti-money laundering and anti-fraud, business continuity and disaster recovery. Marc also has experience in creating and overseeing enterprise risk management programs, including inaugurating corporate-wide risk assessments, managing state and federal government relations, and managing mortgage compliance. He has created asset management programs for distressed financial institutions. Marc is licensed to practice in Ohio and Texas.
Publications
Education
Michael "Mac" McCullough is an innovative and entrepreneurial GRC advisor, data strategist, ethicist, and risk and privacy leader. Mac has over 25 years of experience in data risk, governance, privacy, and project management. He is particularly adept at building and aligning people, processes, and technologies to deliver world-class, risk-based, business-oriented compliance frameworks. Mac has a long history helping companies navigate and respond to regulator inquiries globally, including consent order compliance and assessments. Mac is a recognized thought leader in the privacy and tech communities, often networking with and advising peers, senior leaders, directors, trade organizations, civil society, and civil service leaders. Before joining the firm, he was chief privacy officer and GRC leader at Macy's, and before that helped lead IBM's privacy, data breach response, and other business models. He is a Certified Data Privacy Solutions Engineer.
Publications
Speaking Engagements
Education
Jean Pawluk
Senior Privacy & Security Advisor
New York | 212.704.6239
jean.pawluk@troutman.com
Jean has extensive experience in the high tech, telecom, and financial industries with a career in cybersecurity spanning more than 35 years. She served as the Chief Architect at Visa International from 2003-2010, where she focused on security, as well as Chief Enterprise Architect at Equifax. Jean is a co-founder of both the Bace Cybersecurity Institute and the Cloud Security Alliance. She has been a software and hardware developer, one of the first chief architects in Silicon Valley, a Chief Information Security Officer several times over, and is now an executive consultant and business advisor.
Jean is a speaker, college lecturer, researcher on various emerging technologies, and active in several standards working groups. Her current research is centered around the intersection of emerging technologies and security, specifically examining their utilization and potential misuse. She has earned professional certifications as a Certified Information Systems Security Professional from ISC2 and Certified Information Security Manager from ISACA.
Articles + Publications
May 2024
Regulatory Oversight Newsletter — May 2024
Articles + Publications
April 2024
Regulatory Oversight Newsletter — April 2024
Articles + Publications
March 2024
Regulatory Oversight Newsletter — March 2024
Speaking Engagements
03.04.24
Georgia Bar Association's 38th Annual Privacy & Technology Law Conference
Articles + Publications
February 2024
Regulatory Oversight Newsletter — February 2024
Articles + Publications
02.01.24
2023 Privacy Year in Review