John Dermody


Thank you for your interest. Before you communicate with one of our attorneys, please note: Any comments our attorneys share with you are general information and not legal advice. No attorney-client relationship will exist between you or your business and O’Melveny or any of its attorneys unless conflicts have been cleared, our management has given its approval, and an engagement letter has been signed. Meanwhile, you agree: we have no duty to advise you or provide you with legal assistance; you will not divulge any confidences or send any confidential or sensitive information to our attorneys (we are not in a position to keep it confidential and might be required to convey it to our clients); and, you may not use this contact to attempt to disqualify O’Melveny from representing other clients adverse to you or your business. By clicking "accept" you acknowledge receipt and agree to all of the terms of this paragraph and our Disclaimer.


John Dermody joined O’Melveny after a decade in government service, recently serving as a deputy legal advisor at the National Security Council (NSC). Previously, John served in the General Counsel’s offices of the Department of Homeland Security (DHS) and the Department of Defense.  Drawing on his experience in the highest levels of government, John advises clients on data security, privacy, cybersecurity, and national security issues, including economic sanctions and national security reviews of investments and technology transactions conducted by the Departments of Justice, Homeland Security, Defense, the Treasury, State, and Commerce. As a member of O’Melveny’s Coronavirus Task Force, John advises clients on government emergency powers, shelter-in-place orders, and data privacy issues associated with public health measures.

While at the NSC, John advised senior officials on cybersecurity, infrastructure protection, disaster response, border and transportation security, election security, biodefense, and other matters of US national security. His work included coordinating responses to and attribution of cyber incidents, revising US cyber operations policy, and helping to develop and implement the National Cyber Strategy. He also advised on US sanctions programs and matters and policies relating to supply chain security, 5G deployment, and spectrum allocation.


Government Experience

  • Deputy Legal Advisor, Office of the Legal Advisor, National Security Council
  • Attorney-Advisor, Intelligence Law Division, Office of the General Counsel, United States Department of Homeland Security
  • Associate Deputy General Counsel, Office of the General Counsel, United States Department of Defense

Honors & Awards

  • Meritorious Unit Citation, Director of National Intelligence, 2018
  • Secretary’s Award for Excellence, Department of Homeland Security, 2017, 2014
  • Team of the Year, Intelligence Community Legal Award, 2017
  • Intelligence Integration Unit Citation, Director of National Intelligence, 2015
  • Intelligence Leadership Award, Department of Homeland Security, 2015


Bar Admissions

  • California
  • District of Columbia


  • University of California, Hastings College of the Law, J.D., Hastings International and Comparative Law Review, Consulting Editor
  • Queen’s University, Belfast, M.A., International Politics, with merit
  • University of Dublin, Trinity College, M.Phil. 
  • University of California, Berkeley, B.A.

Professional Activities


  • The Honorable Robert R. Rigsby, Superior Court of the District of Columbia, Washington, DC
  • The Honorable Frederick H. Weisberg, Superior Court of the District of Columbia, Washington, DC


Speaking Engagements

  • Panelist, “Board of Directors Roundtable - Ransomware Developments,” Board of Directors Forum: Let’s Wine About Ransomware (December 10, 2020)
  • Panelist, “Are you Being Reasonable? Implementing and Defending Reasonable Data Security Requirements,” O’Melveny and the Crypsis Group Webinar (August 13, 2020)
  • Panelist, “Business Preparedness in Times of Pandemic,” J&J’s Legal Webinar Series for Life Sciences Entrepreneurs (July 23, 2020)
  • Panelist, “DEFCON ONE: Cyberattacks, Pandemics, Emergency Planning, and the Legal Battle for Recovery” O’Melveny and Homeland Security Advisory Council Webinar (May 28, 2020)
  • Presenter, “Returning to the Workplace Amidst COVID-19,” O’Melveny Webinar (May 20, 2020)


  • Certified Information Privacy Professional/United States (CIPP/US)
  • Certified Information Privacy Professional/Europe (CIPP/E)

Alerts and Publications

The Deadline for EU Standard Contractual Clauses is Here, Are You Ready?

September 27, 2021

European Commission Revises Rules for International Data Transfers

June 16, 2021

Supreme Court Narrows Computer Trespass Law

June 9, 2021

Biden Administration Recalibrates Executive Order Prohibiting Investments in Publicly Traded Securities of Certain Chinese Companies

June 7, 2021

Government Imposes Mandatory Cybersecurity Requirements on Pipeline Operators in Response to Ransomware Attack

June 2, 2021

Biden Executive Order Sets the Table for Industry Cybersecurity Reform

May 17, 2021

Biden Administration Issues New Targeted Economic Sanctions On Russia

April 16, 2021

FCC Lists Certain Chinese Telecom Equipment as National Security Risk

March 17, 2021

Draft EU Adequacy Decision Paves the Way for Smooth EU-UK Data Flows Post-Brexit

March 8, 2021

Reminder: NHTSA Updated Cybersecurity Best Practices—Comments Due by March 15, 2021

March 8, 2021

The CCPA and Belaire Notices: Civil Discovery in California’s New Privacy Era

February 25, 2021

CDA Section 230: Its Past, Present, and Future

February 12, 2021

Commerce Department’s New Technology Supply Chain Rules Leave Many Unanswered Questions

February 2, 2021

Data Security and Privacy Predictions for 2021: 6 Issues to Watch

January 28, 2021

Unfinished Business and Potential New Directions: The Biden Administration Faces Many Decisions in Addressing Trump Administration Measures Targeting China and other National Security Threats

January 20, 2021

Despite Brexit Deal, UK Data Transfers Remain in Limbo

January 4, 2021

Trump Administration Takes Further Actions Targeting China as Term Nears End

December 21, 2020

Staying Ahead of the EU Data-Protection Curve: How Companies Can Ensure Continued Transatlantic Data Transfers

December 1, 2020

Video: Data Security & Privacy in the Age of COVID – A Conversation with Lisa Monaco and John Dermody

November 17, 2020

Treasury Issues New Guidance on Risks of Ransomware Payments

October 9, 2020

Preliminary Injunctions Delay Implementation of Commerce Department Orders Targeting TikTok and WeChat

October 1, 2020

Commerce Department Prohibits Transactions with TikTok and WeChat

September 18, 2020

Law Society of Ireland Gazette: The Second Coming

September 9, 2020

Picking up the Pieces After Schrems II

July 30, 2020

New York Files First Charges Under Data Security Regulation

July 30, 2020

U.S. Government Imposes National Security-Driven Procurement Restrictions on Federal Government Contractors that Will Impact Their Supply Chain

July 24, 2020

Federal Contractors and Their Suppliers are in Limbo Awaiting Fast-Approaching Deadline for Implementation of Section 889 Supply Chain Restrictions

July 7, 2020

Survey of Global Artificial Intelligence Regulation: An Evolving and Varied Landscape

June 17, 2020

Recent Cyber Attacks on Critical Infrastructure Highlight Emerging Cyber Risks in the Water Industry

June 10, 2020 Where Will The Needle Land? COVID-19 Contact Tracing v. Protecting Personal Privacy

June 1, 2020

United States Expands Export Controls Targeting Huawei’s Access to US Technology

May 18, 2020

President Trump Issues Executive Order on Securing the United States Bulk-Power System

May 6, 2020

President Issues Proclamation Limiting Immigrant Travel to the United States

April 28, 2020

FEMA Temporarily Bans Exports of Scarce or Threatened Personal Protective Equipment

April 13, 2020

President Trump Issues Executive Order Creating Telecommunications Assessment Committee

April 10, 2020

CPO Magazine: Here Come 5G IoT Devices: What Is “Reasonable Security”?

April 2, 2020

President Trump Invokes the Defense Production Act

March 20, 2020

Navigating Coronavirus “Shelter-in-Place” Orders Issued by Local Public Health Authorities

March 18, 2020

Coronavirus Task Force Podcast: Former Homeland Security Advisor Lisa Monaco on How Companies Can Manage the Coronavirus Crisis

March 16, 2020

O’Melveny Coronavirus Task Force: Data Security and Privacy Considerations During the COVID-19 Response

March 16, 2020

The European Commission Proposes Artificial Intelligence Regulations That Could Reach Businesses Worldwide

March 13, 2020

Indictment of Chinese Military Hackers for Equifax Breach Highlights Important Data Security Lessons

February 11, 2020

O’Melveny Releases State-by-State Guide to US Data Breach Notification Laws

January 29, 2020

EU Advocate General Opinion Is a Mixed Bag for Companies Engaging in US-EU Data Transfers

January 27, 2020

Supreme Court Leaves the Door Open for Expansive Biometric Privacy Lawsuits

January 23, 2020

What’s Next in Data Security and Privacy? 6 Trends to Watch in 2020

January 21, 2020

Failure to Apply Recent Microsoft Patch May Create Legal Liabilities

January 15, 2020

EDPB Finalizes Guidance on GDPR Applicability Outside EU

December 11, 2019

Commerce Seeks Comment on Telecom Supply Chain Review Process

December 3, 2019

Getting Prepared for New York’s Expanded Security Breach and Data Security Requirements

November 18, 2019

New Suit Against Spyware-Maker Demonstrates One Company’s Offensive Strategy Against Cyber Attacks

November 5, 2019

The Government Is Wielding Sticks and Carrots to Address National Security Concerns in the Telecommunications Sector

October 3, 2019

In the News

Reuters Legal: O’Melveny’s Dermody on New Cybersecurity Directives For Critical Pipelines

August 3, 2021

Law360: Cybersecurity & Privacy Policy To Watch For Rest Of 2021

July 30, 2021

WTOP NEWS: Nation-state hackers undeterred by US ‘naming and shaming’

July 27, 2021

TechRepublic: The Ransomware Risk Management Calculus is Changing for OT, ICS and Critical Infrastructure

July 22, 2021

Law360: 6 Cybersecurity Events That Have Defined 2021

July 12, 2021

Law360: Biden Taps Obama Counterterror Chief To Lead DOJ Division

May 26, 2021

SC Magazine: Colonial Pipeline attack: What government can do to deter critical infrastructure cybercriminals

May 10, 2021

Law360: SolarWinds Sanctions Far From Last Word On Russian Hacks

April 15, 2021

Law360: COVID Inflamed Damaging Year For Data Breach Victims

March 11, 2021

SC Magazine: As Ransomware Inches from Economic Burden to National Security Threat, Policies may Follow

February 25, 2021

Law360: Biden Admin. To Weigh Risk Of Unleashing Cyberweapons

February 8, 2021

Cybersecurity Dive: GDPR Regulators are Sinking Their Teeth into Violators. 2020’s Fines are Proof.

January 28, 2021

CPO Magazine: Pro-Trump Capitol Riot Posed Potentially Serious Cybersecurity Risks Including Spying and Malware Installation

January 13, 2021

FORTUNE: Pro-Trump rioters could face up to 20 years in prison

January 7, 2021

Law360: How Ransomware Will Continue Wreaking Havoc In 2021

January 3, 2021

Law360: Biden Could Use Obama-Era Tools To Counter Sprawling Hack

December 18, 2020

ClearanceJobs: Per NSA, DoD Networks in the Crosshairs of Chinese State-Sponsored Hackers

October 27, 2020

Roll Call: TikTok ‘Not a Great Look’ for Lawmakers, Security Experts Say

September 30, 2020

CNET: Drone Swarms in 3 States Prompt FAA, FBI Investigation of Mystery

January 9, 2020

Inside Cybersecurity: The Federal Embrace of Tough Supply-Chain Regulation Seems Like a Done Deal

December 4, 2019

The Recorder: With Data as National Security Threat, Big Law's Appetite for Government Officials Grows

November 20, 2019

Bloomberg Television: Security Concerns Around TikTok

November 14, 2019

CPO Magazine: TikTok National Security Review Raises Concerns About Chinese Motives in Tech Sector

November 13, 2019

BuzzFeed News: Sen. Chuck Schumer Raises Security Concerns About The Army Using TikTok To Try To Recruit Young People

November 12, 2019

CIO Dive: Don’t Do the Obvious After a Ransomware Attack, Do Remain Paranoid

November 6, 2019

Silicon Republic: Why TikTok is Facing Mounting Pressure from the US Government

November 6, 2019

International Association of Privacy Professionals: People on the move- November 2019

October 29, 2019


Press Releases