Thomas I. Moran II

Associate

Cleveland
T +1.216.861.7142
F +1.216.696.0740

Overview

Tom Moran provides counsel to clients during data security incidents ranging from phishing incidents to large, high profile data security incidents. Following a data security incident, he advises clients on the legal ramifications and liabilities that may occur as a result, and assists them in fulfilling any legal obligations that may arise from the event. He also coordinates and oversees vendors that assist with the incident response process.

Tom counsels his clients on the safeguards necessary to avoid future incidents, including tabletop crisis simulations and drafting comprehensive, proactive incident response plans. He also assisted a wide range of clients to ensure their compliance with the California Consumer Privacy Act and similar state-level data privacy statutes.

Tom is a Certified Information Privacy Professional for the private sector in the U.S.

Select Experience

  • Manages various incident response processes for broad range of clients, including civil matters related to cybersecurity issues.
  • Advises clients in the financial, manufacturing, retail, and higher education sectors on responding to cybersecurity and data privacy incidents in the U.S. and abroad ranging from small, data theft incidents to sophisticated, state-sponsored network intrusions.
  • Assists in navigating regulatory hurdles associated with ransom payments, as well as consumer and regulatory notification obligations.
More »

Experience

  • Manages various incident response processes for broad range of clients, including civil matters related to cybersecurity issues.
  • Advises clients in the financial, manufacturing, retail, and higher education sectors on responding to cybersecurity and data privacy incidents in the U.S. and abroad ranging from small, data theft incidents to sophisticated, state-sponsored network intrusions.
  • Assists in navigating regulatory hurdles associated with ransom payments, as well as consumer and regulatory notification obligations.
  • Responsible for bringing clients into compliance with CCPA, including drafting privacy policies for several corporate clients.
  • Successful in recovering funds on behalf of a company that fell victim to a business email compromise.
  • Used digital forensics to establish legal defenses for computer-related crimes.

Recognitions and Memberships

Memberships

  • American Bar Association
  • Cleveland Metropolitan Bar Association
    • Chair, Cyber+ Section (2021)
  • International Association of Privacy Professionals
  • Cleveland-Marshall College of Law Cybersecurity Roundtable

Community

  • The May Dugan Center
  • Tim Tebow's A Night to Shine
  • CYO Basketball Coach, St. Charles Borromeo Church

Admissions

  • U.S. District Court, Northern District of Ohio
  • U.S. District Court, Southern District of Ohio
  • Ohio

Education

  • J.D., Cleveland-Marshall College of Law, 2017
  • B.S., Hiram College, 2013

Blog

In The Blogs

Previous Next
Data Counsel
Sounding the Alarm: New Federal Law Will Mandate the Reporting of Cybersecurity Incidents Involving Critical Infrastructure – What Companies Need to do now to be Prepared
By Sara M. Goldstein, Kimberly C. Gordy, Thomas I. Moran II
March 18, 2022
In response to increased and persistent cybersecurity threats to American infrastructure, Congress passed the Strengthening American Cybersecurity Act (SACA), which President Joe Biden signed into law on March 15. SACA is likely the first...
Read More ->