L. Judson Welle

Jud Welle is a partner in Goodwin’s Data, Privacy & Cybersecurity practice and Complex Litigation & Dispute Resolution practice. A former federal prosecutor and leading cybersecurity investigator, Jud counsels clients on cyber incident response and preparedness, response to insider threats and nation state attacks, cyber threat assessment, cybersecurity governance, regulatory response and compliance, white-collar criminal defense, internal investigations, and litigation. He draws from over two decades of experience leading investigations into hackers and spies, presenting cases to juries, arguing issues before courts, counseling executives and boards, and responding to crises.

Jud's representative experience and notable cases include:

• Led multiple investigations involving ransomware, business email compromise, and inadvertent data exposure for a range of organizations*
• Supervised an investigation into a corporate network intrusion and exfiltration of millions of customer records from an enterprise services company*
• Led several insider threat investigations, including those involving sabotage of virtual servers perpetrated by a disgruntled IT administrator, leaks of sensitive corporate information by insiders, and unauthorized cryptocurrency “mining” activity on a corporate network for a publicly traded media company*
• Advised the board of directors of a major U.S. bank about communications security and supervised implementation of a platform to protect its sensitive deliberations*
• Secured convictions at trial against an employee of a U.S. defense contractor for stealing and exporting trade secrets for missile guidance technology for the benefit of the People’s Republic of China (U.S. v. Sixing Liu)*
• Secured conviction at trial against a political operative for disabling an opponent’s website and hacking into email accounts (U.S. v. Joseph Roque)*
• Secured conviction against a U.S. defense contractor for supply chain fraud, exporting defense technical data to India, and providing defective parts to the U.S. military for use in F-15 fighter aircraft (U.S. v. Hannah Robert)*
• Secured conviction against a foreign national for laundering nearly $20 million in criminal proceeds from a massive international telecommunications hacking and fraud scheme (U.S. v. Muhammad Qasmani)*
• Secured a 63-month prison sentence for a foreign national for running an international cashing operation that monetized stole credit and debit card information obtained through computer hacking (U.S. v. Angelo Virtucio)*
• Secured convictions against three New Jersey men for conspiring to join the Islamic State in Iraq and Syria, a designated foreign terrorist organization (U.S. v. Nader Saadeh, Alaa Saadeh, & Samuel Topaz)*
• Secured convictions against two New Jersey men for conspiring to murder individuals on behalf of Al-Shabaab, a designated foreign terrorist organization (U.S. v. Mohamed Alessa & Carlos E. Almonte)*
• Secured conviction against a New York City pharmacist for developing the biological toxins ricin and abrin for use as weapons and possessing materials to manufacture military-grade explosives (U.S. v. Jordan Gonzalez)*

*Denotes experience prior to joining Goodwin.

Before joining GoodwinJud was most recently a Managing Director, the Head of the Digital Investigations & Cyber Defense practice, and Chief Counsel for Cybersecurity & Privacy at Nardello & Co., a Chambers recognized global investigations firm. In that role, Jud managed and led engagements involving cyber incident response, insider threats, digital forensics, cybersecurity advisory services, and executive and organizational preparedness. Jud also provided legal advice to the firm related to cybersecurity, incident response and preparedness, risk assessment and management, data privacy, compliance, and litigation. Prior to Nardello, Jud was a Managing Director at specialized risk management firm Stroz Friedberg, where he supervised incident response, proactive cybersecurity services, complex digital forensics, due diligence, and eDiscovery matters.

Jud is a former federal prosecutor who served as an Assistant U.S. Attorney for the District of New Jersey in Newark. During his 12-year tenure, he investigated and prosecuted federal crimes, including computer hacking, fraud, intellectual property theft, money laundering, terrorism, export-control violations, public corruption, and international narcotics trafficking. Jud also held the roles of Cyber Crime Coordinator and National Security Cyber Specialist, where he led the office’s efforts to combat computer hacking and data theft by nation states, criminal networks, and insider threats. Jud also served as a fellow with the National Cyber Investigative Joint Task Force, a multi-agency cyber center led by the FBI and composed of more than 20 partnering agencies from across law enforcement, the intelligence community, and the Department of Defense.

Jud previously worked as an associate in the litigation department of Dewey Ballantine LLP in New York City. Prior to that, he served as a law clerk to the Honorable John W. Bissell, Chief District Judge of the US District Court for the District of New Jersey.

Trustee, Board of Trustees, Alumni Association of the U.S. Attorney's Office District of New Jersey

Member, Drafting Team for 2nd Edition of the Commentary on Application of Attorney-Client Privilege and Work-Product Protection to Documents and Communications Generated in the Cybersecurity Context, The Sedona Conference

Member, Federal Bar Council

Jud received numerous awards from the Federal Bureau of Investigation and other law enforcement agencies during his tenure as a federal prosecutor for his case work. He has also received the Burton Award for Legal Achievement for outstanding legal scholarship.

Jud frequently writes, presents, and comments on legal issues related to cybersecurity, data protection, breach response, insider threats, national security, counterterrorism, eDiscovery, and interacting with regulatory and law enforcement agencies.

Jud’s recent speaking engagements include:

• Panelist, “Cyber New Year’s Resolutions: Predictions and Best Practices for Risk Management”, IAPP Web Conferences, January 2023
• Panelist, “Proposed SEC Rules Will Force Public Companies to Dramatically Rethink Cybersecurity Investigations and Response Strategy,” Webinar (December 2022)
• Panelist, “Data Privacy and Security: Regulation, Enforcement, and Best Practices,” New York City Bar Compliance Institute 2022, September 22, 2022
• Panelist, “Democracy and Technology in the Digital Age, Deploying an Open Innovation Platform,” The Democracy and Culture Foundation, June 28, 2021
• Panelist, “Emerging Cyber Threats: What Companies Need to Know & Plan For,” Nardello & Co., June 15, 2021
• Panelist, “After the Breach: Working with Law Enforcement,” U.S. Attorney’s Office for the District of New Jersey, Cybercrime Symposium, May 18, 2021
• Panelist, “Managing Cyber Risk in a Hostile World,” INFORM Conference, ARMA-NJ, June 14, 2018

Jud’s commentary and notable publications include:

• Co-Author, “The DOJ Goes Phishing: The Rise of False Claims Act Cybersecurity Litigation,” Law Journal Newsletters, March 2022
• Co-Author, “Never Break the Chain: Software Supply Chain Risks and Solutions,” New York Law Journal, March 2022
• Quoted, “Goodwin Nabs Cyber Pro To Boost Incident Response Arsenal,” Law360 Pulse, January 2022 
• Quoted, “Cybersecurity Resolutions for 2022,” Cybersecurity Law Report, January 2022
• Quoted, “SEC Lures Top Enforcer Who Says Tougher Punishment Is Coming,” The Wall Street Journal, December 2021
• Quoted, “The U.S. Government Has a Massive, Secret Stockpile of Bitcoin — Here’s What Happens to It,” CNBC, December 2021
• Co-Author, “January 6 and Beyond: Understanding the New Social Media Landscape,” Nardello & Co., March 2021
• Co-Author, “Hack & Sell Short: A New Cyber Threat,” Nardello & Company, January 2021
• Co-Author, “The Cyber Threat Epidemic,” Nardello & Co., April 2020
• Author, “Power, Policy, and the Hyde Amendment: Ensuring Sound Interpretation of the Criminal Attorneys’ Fees Law,” 41 William & Mary Law Review 333, 1999