David Simon is co-head of Skadden’s global Cybersecurity and Data Privacy Practice and a member of the firm’s National Security Group. He has deep experience working closely with boards, executive teams, product teams and security teams to develop holistic and pragmatic strategies for navigating rapidly evolving U.S. and European legal, regulatory, compliance and policy issues involving cybersecurity, AI and privacy.
Formerly a Pentagon special counsel, chief cyber counsel to the U.S. Cyberspace Solarium Commission and practitioner of EU law in Brussels, Simon regularly assists clients as the lead investigator and crisis manager for high-stakes, cross-border incidents involving cyberattacks, data breaches, extortion, AI and regulatory defense.
Lawdragon Honors
| Honor | Year | Practice |
|---|---|---|
| The 2026 Lawdragon 100 Leading AI & Legal Tech Advisors | 2026 | Global Cyber Security, AI |
| The 2026 Lawdragon 500 Global Leaders in Crisis Management | 2026 | National Security, Investigations, Cyber |
| The 2026 Lawdragon 500 Leading Lawyers in America | 2026 | National Security, Cyber |
| The Lawdragon 500 Global Leaders in Crisis Management | 2025 | National Security, Investigations, Cyber |
| The 2025 Lawdragon 500 Leading Global Cyber Lawyers | 2025 | Cybersecurity & Data Privacy |
| The 2025 Lawdragon 100 Leading AI & Legal Tech Advisors | 2025 | Global Cyber Security, AI |
| The 2024 Lawdragon 500 Leading Global Cyber Lawyers | 2024 | Cybersecurity & Data Privacy |
| The 2024 Lawdragon 100 Leading AI & Legal Tech Advisors | 2024 | Global Cyber Security, inc. AI |
Simon has dealt with some of the most significant cyber incidents on an international scale. His experience includes advising victims of state-sponsored cyber activity, ransomware and other cyber extortion attacks, as well as breaches of health information, sensitive government information, intellectual property and personal data. Dual qualified to practice in the U.S. and the EU, he often represents global companies in connection with cyber incident preparedness and response investigations requiring analysis of breach reporting obligations under U.S. and EU law, including the EU GDPR, NIS2, DORA and the Cyber Resilience Act, and investigations by European data protection authorities and national cyber authorities. He has counseled companies on major cyber incidents and incident preparedness across virtually every industry, including financial, health care, energy, chemical, defense and aerospace, telecommunications, food, transportation, online retail and hospitality.
Simon is known as a go-to cyber and privacy counsel to leading global private equity sponsors and their portfolio companies, stepping in to serve as cyber counsel and incident commander when portfolio companies face ransomware or other disruptive cyberattacks. He frequently counsels boards, C-level executives and other management as they address cyber vulnerabilities and breaches, and manage associated legal, regulatory and reputational consequences. In recent years, Simon has convened regular roundtables with CISOs, CIOs and CTOs from leading global private equity firms and their portfolio companies to assess trends and risk management strategies concerning cybersecurity, AI and privacy.
With years of experience working in data protection privacy compliance, Mr. Simon regularly advises global tech companies in regulatory defense and cross-border investigations involving GDPR, DORA and NIS2. He often helps clients manage conflicts between rapidly evolving U.S. and European regulatory regimes. He counsels clients on data governance and privacy compliance with HIPAA, ECPA, CCPA/CPRA, EU GDPR and a range of EU laws governing data protection and technology supply chain risk management.
Mr. Simon is widely known for his experience regarding the legal and policy issues at the intersection of cybersecurity, privacy, AI and national security. In addition, he has significant experience with the evolving cybersecurity and privacy legal framework applicable to the internet of things (IoT) and product cybersecurity, operational technology (OT) and industrial control systems (ICS).
Government experience provides Simon with unique insights into regulatory and policy issues affecting companies. He served as Pentagon special counsel from 2011-15, helping to develop a legal and policy framework to address cyber threats, including the response to North Korea’s cyberattack on a major media and entertainment company. In addition, he advised on broader matters concerning cyber policy, plans and operations, as well as social media, autonomous technologies, the use of force, counterterrorism, treaties, sensitive investigations and regional matters involving China, the Korean Peninsula, Syria, Russia, Ukraine and other countries in Asia and the Middle East. Simon also played a key role in the development of the Department of Defense (DoD) Directive on Autonomy in Weapons Systems, which established the department’s policies on the development, acquisition and employment of unmanned, semiautonomous and fully autonomous weapons technologies. The directive represented the first policy announcement by any country regarding fully autonomous weapons. In recognition of his national security work at the DoD, Mr. Simon received the Office of the Secretary of Defense Award for Excellence.
Simon served from 2019-21 as chief cyber counsel to the Cyberspace Solarium Commission, a bipartisan commission established by Congress to develop a strategy to defend the U.S., including the private sector, from cyberattacks. During this time, he helped write more than 30 recently enacted cyber and privacy laws.