Todd McClelland

Partner, Attorney at Law, McDermott Will & Emery LLP

Todd S. McClelland advises companies on complex, international legal issues associated with cybersecurity breaches and compliance, data privacy compliance, and data, technology, cloud, and outsourcing transactions. Todd counsels clients in many industries, including payment processors, cybersecurity product providers, retailers, petro companies, financial institutions and traditional brick-and-mortar companies. Todd is the global head of the Firm’s Global Privacy & Cybersecurity Practice Group.

Prior to his legal career, Todd was an engineer designing and programming industrial control, robotics, and automation systems. This background gives him a unique perspective and understanding of the technology underlying the cybersecurity and privacy issues he addresses.

Todd handles some of the largest and most well-known (and unknown) cybersecurity incidents, as well as pre-breach cyber activities, such as cyber tabletops, incident response plan design, leading client and vendor penetration testing, designing cyber risk management programs, and advising corporate boards on cybersecurity issues. He also has extensive experience with PCI/payment system compliance and incidents.

Todd advises clients on global data privacy compliance issues (e.g., GDPR, CCPA), including the establishment of data privacy programs and addressing unique privacy issues pertaining to AdTech and other evolving business models and technologies. He also focuses on cybersecurity and privacy issues associated with new technologies, such as “IoT” products, Industrial IoT, and artificial intelligence/machine learning.

In his outsourcing and technology practice, Todd is highly skilled in data licensing, cloud (e.g., SaaS, IaaS, PaaS), large-scale systems integration projects (e.g., Microsoft Dynamics 365), traditional outsourcing (e.g., ITO, HRO, ADM, BPO), and new technology partnering initiatives (e.g., AI/ML, and Quantum).

Todd McClelland's Events

Managing Third-Party Vendor Security From the Business Perspective

Date: Wednesday, September 14

Presented by: Kara Gunderson, PCIP, Director Payment Card Operations, Citgo Petroleum Corporation; Greg Luna, Sr. Legal Corporate Counsel, CITGO Petroleum Corporation and Todd McClelland, Partner, Attorney at Law, McDermott Will & Emery LLP

As recent security incidents demonstrate, third party service providers can cause significant cyber risks. Knowing this, what should a company do to mitigate and manage this risk? Our panel will address this issue by focusing on business aspects of security through the contracting process with service providers. We will discuss best practices to explore the security posture of a prospective vendor, including suggestions for additional cyber-related contract provisions.