AREA OF PRACTICE

Cybersecurity & Data Privacy and White Collar Defense & Government Investigations

Biography

Guillermo Christensen is a partner in the White Collar Defense & Government Investigation Group and Chair of the Cybersecurity and Data Privacy Practice at Brown Rudnick.   Guillermo advises multinational corporate clients on various enterprise risks involving information systems security and data security ("cybersecurity") and insider threats to corporate systems. He has conducted confidential internal investigations relating to cybersecurity incidents, allegations of foreign corruption, and violations of export controls and economic sanctions.  Guillermo regularly represents clients seeking to secure approvals from the Committee on Foreign Investment in the U.S. (CFIUS) for acquisitions of U.S. businesses by foreign buyers involving national security issues.  In all these areas, Guillermo brings a wealth of international business, intelligence, and national security experience to his practices and provides his clients with broader perspectives for troubleshooting complex and unusual problems.

In the government, Guillermo was a CIA intelligence officer and a diplomat with the U.S. State Department.  From 2001 to 2002, he was also the CIA Fellow to the Council on Foreign Relations in New York, an intelligence community position designated for officers on the cusp of the most senior responsibilities.  From 2002 to 2004, Guillermo was on loan from the CIA to the FBI and to a national counterterrorism fusion center to help improve intelligence collection and analysis of emerging threats.  He most recently served in a policy role as the Science and Technology Advisor to the U.S. Mission to the Organization for Economic Cooperation and Development (OECD) in Paris, where he led multi-stakeholder policy reviews of encryption, cybersecurity and cross-border data flows. 

In private practice, Guillermo has worked on a variety of complex international matters—including FCPA and OFAC investigation and dual use and high-technology exports. He has served clients across the financial, technology, energy and defense sectors, and has worked on matters in the Middle East, Latin America, Asia, Europe and Africa.

In the cybersecurity field, Guillermo is a thought leader on the topics of intelligence collection, counter-measures, business opportunities for emerging companies, and corporate governance.  Building upon his experience in the intelligence and national security realms his focus is on helping clients integrate information and network security practices into their enterprise risk process, and facilitating companies’ adaptation to technical and human (insider) threats and system vulnerabilities.  When breaches or insider threats are suspected, Guillermo leads Brown Rudnick’s multidisciplinary team to carry out investigations, manage crises, and assist clients in the remediation process.  Guillermo also frequently speaks on cybersecurity topics to audiences nationwide – he is currently involved in drafting a Sedona Conference Working Group 11 project on data security for law firms. 

Guillermo is active with several prominent organizations including as a life member of the Council on Foreign Relations, where he serves on the selection committee for the International Affairs Fellowship.  He also serves on the Advisory Board of the Reves Center for International Studies at the College of William and Mary. He was a 2016 Fellow of the Leadership Council on Legal Diversity (LCLD).   

Representation

Cybersecurity and Data Privacy

Assisted client with ransomware attacks on “family jewel” type assets

Negotiated with the U.S. Government following a breach in a sensitive defense related contract

Counseled client in managing ransomware incident and insurance claims

Counseled a client after key systems were hijacked by hackers and posed a mission critical threat to their systems. Assisted the client in securing and recovering their assets

Trained energy clients at the staff and management level on assessing and scoping cybersecurity threats

Advised clients on intellectual property-related matters involving information security and associated systems

Counseled on cybersecurity dimensions of M&A transactions

Corporate Investigations and FCPA Compliance

Conducted a year-long internal investigation for a Fortune 100 high technology company in South America and Europe

Conducted an internal investigation in Colombia for a Fortune 100 company involving hiring practices and government officials

Conducted internal investigations and performed risk assessments relating to FCPA compliance, among the locations involved are Myanmar/Burma, Brunei, Chad, Saudi Arabia, Equatorial Guinea, Angola, Singapore, China, Russia, the UAE, Thailand, Malaysia, Mexico, Iraq, Egypt, Colombia and the UK

Fortune 500 oil services company – conducted acquisition due diligence on corporate target and post-closing diligence

Fortune 1000 company – consulted on enhancements to global anticorruption policies and procedures and training program

Russian telecommunications company – due diligence review in connection with planned acquisition of telecommunications company

Oil services company – drafted anticorruption policies and associated procedures and provided training to board, senior management and sales teams

Regulatory and National Security Law

Secured regulatory approvals including CFIUS for transaction involving weapons manufacturer

Led global information and communications technology (ICT) solutions provider – advice and representation before CFIUS in connection with proposed U.S. investment activities

U.S. aviation maintenance and repair company – representation before CFIUS, State Department and Defense Security Service in connection with acquisition by AsiaPac purchaser

Secured CFIUS clearance by European aerospace company in a $1 billion acquisition of commercial and military aircraft business

International oilfield services company – comprehensive audit of export controls and sanctions compliance programs in connection with U.S. government investigation

Various multinational companies – regularly developed and oversaw implementation of global export control and sanctions compliance programs

Large U.S. chemicals company – conducted comprehensive review of technology at all U.S. facilities to assess compliance with U.S. technology “deemed export” controls

International energy companies – advised on compliance with Crimea and Ukraine sanctions

Middle Eastern companies – counseled on compliance with U.S. Iran and Syria sanctions

International Arbitration and Complex Business Litigation

Sovereign state – arbitration of initial claims under a joint dispute board arising from a hydropower project

Represented the deposed head of a democratically elected government on a range of international legal matters

Represented petitioner before U.S. Supreme Court on statute of limitations appeal (BP Am. Prod. Co. v. Burton, 549 U.S. 84 (2006))

Education

Georgetown University Law Center – J.D., cum laude, 2005
Georgetown University – M.S., Foreign Service, 1990
American University – B.A., International Relations, 1988

Bar Admissions

District of Columbia
Virginia
New York
Publications
Co-author, "The Perfect Storm: Facebook and Data Regulation Enforcement Leads to Major Implications for Corporates," InterContinental Finance & Law, Issue 149/18, March 2018
Co-author, ‘Cyber Security – Not Just IT,’ Brown Rudnick Alert, April 17, 2018
Co-author, ‘All U.S. States Now Require Breach Notification and More Mandate Cybersecurity Measures,’ Brown Rudnick Alert, April 10, 2018
Co-author, ‘OFAC Blocks Russian “Oligarchs” and Companies with Implications for U.S. Activities,’ Brown Rudnick Alert, April 9, 2018
Co-author, ‘OFAC Takes Initial Steps to Deal with Questions About the Application of US Sanctions to Cryptocurrency,’ Brown Rudnick Alert, March 21, 2018
Co-author, ‘Former Equifax Executive Charged with Insider Trading After Data Breach,’ Brown Rudnick Alert, March 16, 2018
Co-author, ‘Keep Calm and Carry On? Cybersecurity in Britain,' Brown Rudnick Alert, October 17, 2017
Co-author, ‘SEC Underscores Cybersecurity Risks and Mitigation Requirements,’ Brown Rudnick Alert, May 19, 2017
Co-author, ‘Cyber-attacks Go Global: Responding to the Aftermath of the Global Ransomware Attacks,’ Brown Rudnick Alert, May 15, 2017
Speaking Engagements
Speaker, "Cybersecurity and Internet of Things" and Panelist, "Legal Privilege and Its Implications in Cross Border Investigations," Corporate Parity's 3rd Annual Anti-Corruption and Compliance Summit, Amsterdam, The Netherlands. May 3-4, 2018.
Corporate Counsel Conference, Hispanic National Bar Association, speaker, “Spy Craft: Nation-state cyber threats and managing enterprise risks,” San Francisco, March 2018
Control Risks RiskMap 2018 Conference, Speaker, Fireside Chat on Cybersecurity and Global Risks, Washington DC, January 2018
INsecurity 2017 Conference, Roundtable moderator, Protecting Attorney Client Privilege During A Data Breach Investigation, Maryland, November 2017
Brown Rudnick Cyber Conference (with FBI, Willis Towers Watson, and BlueTeamGlobal), Moderators and Speaker, Cyber Breaches: What General Counsels Need to Know About Detection and Response, Boston, November 2017
Houston Compliance Counsel Exchange, Speaker, Cybersecurity: What Compliance Officers Need to Know, Houston, Texas, October 2017.
Hispanic National Bar Association Annual Convention, Panelist, Cybersecurity Risk and Insurance, Kansas City, September 2017.
Sedona Conference Working Group 11, Panelist, Clients, Law Firms and Data Security, San Diego, September 2017.
ABA Section of International Law, Panelist on Data Security in the Panama Paper Context, April 2017.
SINET ITSEF Palo Alto Conference, Speaker, China’s New Cybersecurity Law, March 2017.
Sedona Conference Working Group 11, Panelist, Law Firm Data Security, Tampa, January 2017.
St. John’s University School of Risk Management, Speaker, Cybersecurity Threats to Critical Infrastructure, New York, November 2016.
Conference for the American Public Power Association, Speaker, Cybersecurity Challenges to Public Utilities, Long Beach, October 2016.
St. John’s University, Speaker, Conference on Geopolitical Risk and Cybersecurity, October 2015.
Council on Foreign Relations Conference on Diversity in International Relations, Moderator, Closing Plenary Panel on Technology, 2014.
Hispanic National Bar Annual Conference, Presenter on Cyber Crimes, Ethics & Social Media, September 2013.
Council on Foreign Relations, Moderator for “Forecasting the Future: Social Media as an Intelligence Tool,” February 2012.
IBM Data Governance Conference, Talleyrand Center, Paris, Speaker on “Data Governance and US Policy,” 2011.
Professional Affiliations
Member, Cybersecurity & Privacy Editorial 2018 Board, Law360
Council on Foreign Relations, Life Member
Hispanic National Bar Association
Leadership Council on Legal Diversity, 2016 Baker Botts Fellow
Member of the Advisory Board for the Reves Center for International Studies, College of William & Mary
Member, 2017 Law360, Privacy/Consumer Protection Editorial Advisory Board
Member, 2016 Law360 International, Trade Editorial Advisory Board
Association of Former Intelligence Officers (AFIO)
The OSS Society
Central Intelligence Retirees Association
Community Involvement
Member of the Advisory Board for the Reves Center for International Studies, William & Mary University
Media Coverage
"Gone Phishing: Travelers Claims Plan Doesn't Cover Cyber Losses", Bloomberg Law, May 1, 2018
"How Cellphone Chips Became a National-Security Concern," Wall Street Journal, March 7, 2018
"Broadcom's deal for Qualcomm is in serious jeopardy, and it might have to abandon its bid and come back later," CNBC, March 7, 2018
"For Equifax's Legal Team, Breach Likely To Bring Litigation Challenges, High Price Tag," Law.Com, September 2017
Law360 Privacy/Consumer Protection Editorial Advisory Board, Law360, March 6, 2017
"As Hacking Incidents Rise, Cybersecurity to Remain a Priority Under Trump," The Street, November 21, 2016