Partner

Shawn Tuma helps businesses protect their information and protect themselves from their information. He represents a wide range of clients, from small to midsize companies to Fortune 100 companies, across the United States and globally in dealing with cybersecurity, data privacy, data breach and incident response, regulatory compliance, computer fraud related legal issues, and cyber-related litigation.
Having practiced in this area of law since 1999, Shawn is widely recognized in cybersecurity and data privacy law. He is frequently sought out and hired by other lawyers and law firms to advise them when these issues arise in cases for their own clients.
While this area of the law has evolved greatly in the nearly 20 years while Shawn has been practicing, he continues to evolve with it as a practitioner representing his clients, academically as an author and instructor, and as an analyst for the national media.
Shawn’s practice covers three distinct areas:
- Cyber Risk Management – Proactively helping companies assess and understand their overall cyber risk and then developing, implementing, and maturing a strategic cyber risk management program that prioritizes their efforts to help minimize their cyber risk and meet regulatory compliance requirements.
- Cyber Incident Response – Leading companies through the cyber incident response and data breach response process (e.g., as a “breach guide” or “breach quarterback”), crisis management, and regulatory compliance investigations and enforcement actions (e.g., by regulators such as various states’ Attorneys General, Department of Health and Human Services / Office of Civil Rights (HHS/OCR), Federal Trade Commission (FTC), and Securities and Exchange Commission (SEC). Tuma serves as a breach guide for insurance companies’ panel of approved counsel.
- Cyber Security, Hacking, and Data Breach Litigation – Representing clients in litigation involving cyber-related claims like computer and data misuse, computer hacking, data loss, data theft, and business-to-business disputes concerning responsibility for cyber incidents.
Shawn’s ideal role is to serve as a member of a company’s risk management team as outside cybersecurity counsel to help the company proactively prepare for and minimize its risks of doing business in today’s digital business world. Then, if a problem does arise, he is there to guide the company through resolving those issues as well.
Select Presentations
- Data Breach Incident Response – Recovering from a Cyber Attack, Texas Bar CLE Cybersecurity Law Workshop (presented with Todd Hindman), Houston, Texas
- Artificial Intelligence in the Legal and Regulatory Realm — Practical Cybersecurity Risk Management Strategies (with Paul Ferrillo), New Jersey State Bar Association (NJSBA) Cybersecurity Institute
- The Legal Case for Cybersecurity, Lunch Keynote, SecureWorld – Denver
- Legal Issues Associated with Third-Party Cyber Risk, ISACA CSX North America 2017 (Washington D.C.)
Select Publications
- Privileges: Understanding the Applicability in Cybersecurity Cases, Texas Bar Journal, October 2018
- Texas Privacy & Data Security Law, Bloomberg BNA (Practitioner Editor)
- Why you need a cyber attorney, Ethical Boardroom, Spring 2018
- Cybersecurity & Data Privacy Update, Texas Bar Journal, January 2018
Select News Media and Press
- Why did Uber hide the theft of 57 million users’ data? RTVI (Russian TV) interviews Shawn Tuma
- CGTN America interviews Shawn Tuma about the Equifax data breach
- CGTN America interviews Shawn Tuma about global #WannaCry ransomware attacks
- CW 33 Eye Opener Morning Show Guest Shawn Tuma Discusses Adult Friend Finder Data Breach
Business Cyber Risk Blog
- Shawn is a blogger and manager of the Business Cyber Risk Blog
Memberships
- Board of Directors & General Counsel, Cyber Future Foundation
- Board of Advisors, University of North Texas Cyber Forensics Lab
- Practitioner Editor, Bloomberg BNA Texas Privacy & Data Security Law
- Policy Council, National Technology Security Coalition
- Board of Advisors, Cyber Law Consortium
- Cybersecurity Task Force, Intelligent Transportation Society of America
- Secretary, Computer and Technology Section, State Bar of Texas
- Privacy and Data Security Committee, State Bar of Texas
- Cybercrime Committee, North Texas Crime Commission
- InfraGard (FBI)
- Information Systems Security Association (ISSA)
- International Association of Privacy Professionals (IAPP)
Distinctions
- Cybersecurity & Data Privacy Law Trailblazers, National Law Journal, 2016
- Top 100 Lawyers in Dallas – Fort Worth, Super Lawyers®, 2016
- Texas Super Lawyers, 2015-2019, 2022
- Best Lawyers in Dallas, D Magazine (Digital Information Law), 2014-2019
Contact Shawn Tuma at 972.324.0317 or stuma@spencerfane.com.