John Dermody

Counsel

Thank you for your interest. Before you communicate with one of our attorneys, please note: Any comments our attorneys share with you are general information and not legal advice. No attorney-client relationship will exist between you or your business and O’Melveny or any of its attorneys unless conflicts have been cleared, our management has given its approval, and an engagement letter has been signed. Meanwhile, you agree: we have no duty to advise you or provide you with legal assistance; you will not divulge any confidences or send any confidential or sensitive information to our attorneys (we are not in a position to keep it confidential and might be required to convey it to our clients); and, you may not use this contact to attempt to disqualify O’Melveny from representing other clients adverse to you or your business. By clicking "accept" you acknowledge receipt and agree to all of the terms of this paragraph and our Disclaimer.

pdf

John Dermody joined O’Melveny after a decade in government service, recently serving as a deputy legal advisor at the National Security Council (NSC). Previously, John served in the General Counsel’s offices of the Department of Homeland Security (DHS) and the Department of Defense.  Drawing on his experience in the highest levels of government, John advises clients on data security, privacy, cybersecurity, and national security issues, including economic sanctions and national security reviews of investments and technology transactions conducted by the Departments of Justice, Homeland Security, Defense, the Treasury, State, and Commerce. As a member of O’Melveny’s Coronavirus Task Force, John advises clients on government emergency powers, shelter-in-place orders, and data privacy issues associated with public health measures.

While at the NSC, John advised senior officials on cybersecurity, infrastructure protection, disaster response, border and transportation security, election security, biodefense, and other matters of US national security. His work included coordinating responses to and attribution of cyber incidents, revising US cyber operations policy, and helping to develop and implement the National Cyber Strategy. He also advised on US sanctions programs and matters and policies relating to supply chain security, 5G deployment, and spectrum allocation.

VIEW MORE

Government Experience

  • Deputy Legal Advisor, Office of the Legal Advisor, National Security Council
  • Attorney-Advisor, Intelligence Law Division, Office of the General Counsel, United States Department of Homeland Security
  • Associate Deputy General Counsel, Office of the General Counsel, United States Department of Defense

Honors & Awards

  • Meritorious Unit Citation, Director of National Intelligence, 2018
  • Secretary’s Award for Excellence, Department of Homeland Security, 2017, 2014
  • Team of the Year, Intelligence Community Legal Award, 2017
  • Intelligence Integration Unit Citation, Director of National Intelligence, 2015
  • Intelligence Leadership Award, Department of Homeland Security, 2015

Admissions

Bar Admissions

  • California
  • District of Columbia

Education

  • University of California, Hastings College of the Law, J.D., Hastings International and Comparative Law Review, Consulting Editor
  • Queen’s University, Belfast, M.A., International Politics, with merit
  • University of Dublin, Trinity College, M.Phil. 
  • University of California, Berkeley, B.A.

Professional Activities

Clerkships

  • The Honorable Robert R. Rigsby, Superior Court of the District of Columbia, Washington, DC
  • The Honorable Frederick H. Weisberg, Superior Court of the District of Columbia, Washington, DC

Publications

Speaking Engagements

  • Presenter, “Ransomware: How to Prepare and Respond,” O’Melveny Public Company Boot Camp series (August 2021)
  • Panelist, “Board of Directors Roundtable - Ransomware Developments,” Board of Directors Forum: Let’s Wine About Ransomware (December 10, 2020)
  • Panelist, “Are you Being Reasonable? Implementing and Defending Reasonable Data Security Requirements,” O’Melveny and the Crypsis Group Webinar (August 13, 2020)
  • Panelist, “Business Preparedness in Times of Pandemic,” J&J’s Legal Webinar Series for Life Sciences Entrepreneurs (July 23, 2020)
  • Panelist, “DEFCON ONE: Cyberattacks, Pandemics, Emergency Planning, and the Legal Battle for Recovery” O’Melveny and Homeland Security Advisory Council Webinar (May 28, 2020)
  • Presenter, “Returning to the Workplace Amidst COVID-19,” O’Melveny Webinar (May 20, 2020)

Certifications

  • Certified Information Privacy Professional/United States (CIPP/US)
  • Certified Information Privacy Professional/Europe (CIPP/E)

In the News

Law360: 2 FCA Settlements Highlight Gov’t Cyber Liability Focus

May 31, 2022

The Cyber Wire: US-EU Data Negotiations

April 11, 2022

The National Law Journal: Ex-DHS Attorney on Corporate Cybersecurity Risks in Wake of Russia-Ukraine Conflict

February 24, 2022

Law360: Dentons, CMS Close Kyiv Offices Amid Crisis In Ukraine

February 24, 2022

LiveNow from FOX: O’Melveny’s John Dermody Joins FOX News to Discuss Ukraine Crisis

February 23, 2022

Law360: Ukrainian Websites Attacked As New Malware Said To Spread

February 23, 2022

Reuters Legal: O’Melveny’s Dermody on New Cybersecurity Directives For Critical Pipelines

August 3, 2021

Law360: Cybersecurity & Privacy Policy To Watch For Rest Of 2021

July 30, 2021

WTOP NEWS: Nation-state hackers undeterred by US ‘naming and shaming’

July 27, 2021

TechRepublic: The Ransomware Risk Management Calculus is Changing for OT, ICS and Critical Infrastructure

July 22, 2021

Law360: 6 Cybersecurity Events That Have Defined 2021

July 12, 2021

Law360: Biden Taps Obama Counterterror Chief To Lead DOJ Division

May 26, 2021

SC Magazine: Colonial Pipeline attack: What government can do to deter critical infrastructure cybercriminals

May 10, 2021

Law360: SolarWinds Sanctions Far From Last Word On Russian Hacks

April 15, 2021

Law360: COVID Inflamed Damaging Year For Data Breach Victims

March 11, 2021

SC Magazine: As Ransomware Inches from Economic Burden to National Security Threat, Policies may Follow

February 25, 2021

Law360: Biden Admin. To Weigh Risk Of Unleashing Cyberweapons

February 8, 2021

Cybersecurity Dive: GDPR Regulators are Sinking Their Teeth into Violators. 2020’s Fines are Proof.

January 28, 2021

CPO Magazine: Pro-Trump Capitol Riot Posed Potentially Serious Cybersecurity Risks Including Spying and Malware Installation

January 13, 2021

FORTUNE: Pro-Trump rioters could face up to 20 years in prison

January 7, 2021

Law360: How Ransomware Will Continue Wreaking Havoc In 2021

January 3, 2021

Law360: Biden Could Use Obama-Era Tools To Counter Sprawling Hack

December 18, 2020

ClearanceJobs: Per NSA, DoD Networks in the Crosshairs of Chinese State-Sponsored Hackers

October 27, 2020

Roll Call: TikTok ‘Not a Great Look’ for Lawmakers, Security Experts Say

September 30, 2020

Alerts and Publications

Utah Joins California, Colorado, and Virginia in Enacting Consumer Privacy Law

March 29, 2022

President Biden Signs New Critical Infrastructure Cyber Incident Reporting Obligations Into Law

March 22, 2022

SEC Proposes New Rules on Cybersecurity

March 16, 2022

Russian Aggression Prompts Senate to Pass Cybersecurity Legislation

March 9, 2022

Data Security & Privacy Predictions for 2022: Six Issues to Watch

January 26, 2022

Commerce Clarifies That Technology Supply Chain Rule Reaches “Connected Software Applications” But Leaves Many Questions Unanswered

December 8, 2021

Biden’s Build Back Better Act Aims to Strengthen the FTC’s Privacy and Data Security Stance, But Enforcement Options Remain Limited by Supreme Court Precedent

November 29, 2021

Secure Equipment Act Accelerates FCC Rulemaking to Prohibit Licenses for Chinese Security and Technology Equipment

November 24, 2021

It’s a Sign: Key Takeaways from FinCEN’s Ransomware Report

October 20, 2021

New OFAC Compliance Guidance for the Virtual Currency Industry Provides Insights into OFAC’s Compliance Expectations that are Useful for Both the Virtual Currency Industry and the Broader Corporate Community

October 19, 2021

The Deadline for EU Standard Contractual Clauses is Here, Are You Ready?

September 27, 2021

European Commission Revises Rules for International Data Transfers

June 16, 2021

Supreme Court Narrows Computer Trespass Law

June 9, 2021

Biden Administration Recalibrates Executive Order Prohibiting Investments in Publicly Traded Securities of Certain Chinese Companies

June 7, 2021

Biden Administration Recalibrates Executive Order Prohibiting Investments in Publicly Traded Securities of Certain Chinese Companies

June 7, 2021

Government Imposes Mandatory Cybersecurity Requirements on Pipeline Operators in Response to Ransomware Attack

June 2, 2021

Biden Executive Order Sets the Table for Industry Cybersecurity Reform

May 17, 2021

Biden Administration Issues New Targeted Economic Sanctions On Russia

April 16, 2021

FCC Lists Certain Chinese Telecom Equipment as National Security Risk

March 17, 2021

Draft EU Adequacy Decision Paves the Way for Smooth EU-UK Data Flows Post-Brexit

March 8, 2021

Reminder: NHTSA Updated Cybersecurity Best Practices—Comments Due by March 15, 2021

March 8, 2021

The CCPA and Belaire Notices: Civil Discovery in California’s New Privacy Era

February 25, 2021

CDA Section 230: Its Past, Present, and Future

February 12, 2021

Commerce Department’s New Technology Supply Chain Rules Leave Many Unanswered Questions

February 2, 2021

Data Security and Privacy Predictions for 2021: 6 Issues to Watch

January 28, 2021

Unfinished Business and Potential New Directions: The Biden Administration Faces Many Decisions in Addressing Trump Administration Measures Targeting China and other National Security Threats

January 20, 2021

Despite Brexit Deal, UK Data Transfers Remain in Limbo

January 4, 2021

Trump Administration Takes Further Actions Targeting China as Term Nears End

December 21, 2020

Staying Ahead of the EU Data-Protection Curve: How Companies Can Ensure Continued Transatlantic Data Transfers

December 1, 2020

Video: Data Security & Privacy in the Age of COVID – A Conversation with Lisa Monaco and John Dermody

November 17, 2020

Treasury Issues New Guidance on Risks of Ransomware Payments

October 9, 2020

Preliminary Injunctions Delay Implementation of Commerce Department Orders Targeting TikTok and WeChat

October 1, 2020

Commerce Department Prohibits Transactions with TikTok and WeChat

September 18, 2020

Law Society of Ireland Gazette: The Second Coming

September 9, 2020

Picking up the Pieces After Schrems II

July 30, 2020

New York Files First Charges Under Data Security Regulation

July 30, 2020

U.S. Government Imposes National Security-Driven Procurement Restrictions on Federal Government Contractors that Will Impact Their Supply Chain

July 24, 2020

Federal Contractors and Their Suppliers are in Limbo Awaiting Fast-Approaching Deadline for Implementation of Section 889 Supply Chain Restrictions

July 7, 2020

Events

Press Releases