Photograph of Evan D. Wolff View LinkedIn page Download V-card

Evan D. Wolff

Phone: +1 202.624.2615
1001 Pennsylvania Avenue NW
Washington, DC 20004

Evan D. Wolff is a partner in Crowell & Moring's Washington, D.C. office, where he is co-chair of the firm's Chambers USA-ranked Privacy & Cybersecurity Group and a member of the Government Contracts Group. Evan has a national reputation for his deep technical background and understanding of complex cybersecurity legal and policy issues. Calling upon his experiences as a scientist, program manager, and lawyer, Evan takes an innovative approach to developing blended legal, technical, and governance mechanisms to prepare companies with rapid and comprehensive responses to rapidly evolving cybersecurity risks and threats. Evan has conducted training and incident simulations, developed response plans, led privileged investigations, and advised on hundreds of data breaches where he works closely with forensic investigators. Evan also counsels businesses on both domestic and international privacy compliance matters, including the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). He is also a Registered Practitioner under the Cybersecurity Maturity Model Certification (CMMC) framework.

Representing a broad range of companies across multiple sectors including government contractors, the defense industrial base, transportation, energy, health care, insurance, hospitality, education, and non-profit, Evan's legal practice has a focus on regulatory compliance including Defense Federal Acquisition Regulation Supplement (DFARS), General Data Protection Regulation (GDPR), Privacy Shield, the SAFETY Act, and the Chemical Facility Anti-Terrorism Act (CFATS). Evan also advises companies on computer network security, general security issues, investigation coordination after intrusions, data breaches, and insurance-related issues.

Prior to entering private practice, Evan served as an advisor to the senior leadership at the Department of Homeland Security (DHS). Previously, he held the position of principal homeland security policy analyst/project manager to The MITRE Corporation and also served as general counsel and senior geospatial analyst for isciences LLC; vice president and principal of Environmental Protection International; and senior geologist at the U.S. Nuclear Regulatory Commission.

Adding to his credentials, Evan was inducted into the Council on Foreign Relations in 2017 joining other thought leaders, including top government officials, global business leaders, members of the intelligence and foreign policy community, journalists, and prominent lawyers, to help shape foreign policy. Evan serves on the Sandia National Lab External Advisory Board, the U.S. Chamber of Commerce National Security Task Force, as a panel member on the Defense Science Board at the Department of Defense, and as a senior adviser at the Homeland Security and Defense Business Council. Evan is currently the co-chair of the ABA Homeland Security Law Institute, as well as a senior adviser to the ABA Committee on Law and National Security. In 2011, Evan was invited to serve as a member of the Aspen Institute's Homeland Security Group. Evan also serves as a senior associate (non-resident), Homeland Security and Counterterrorism Program at the Center for Strategic & International Studies (CSIS).

In 2014, Evan co-authored an ABA Section of Criminal Justice article titled, "Industry Collaborations on Cybersecurity: Protecting Against Antitrust Violations," which was selected as one of the "Best Articles" for the Business category, Anticompetitive Practice section at the 2015 Antitrust Writing Awards in Washington, D.C.

Evan is currently teaching a class on Cybersecurity at Columbia University’s School of International and Public Affairs, and has previously been an adjunct professor at George Mason University School of Law, a global fellow with the Wilson Center, and a senior advisor to The Chertoff Group, a global security advisory firm based in Washington, D.C.

Relevant Experience

  • Advised hundreds of companies develop cybersecurity incident response and crisis management plans and respond to data breaches, including facilitating public- and private-sector notifications in compliance with state regulatory programs.
  • Advised a broad sector of companies, including the nation’s critical infrastructure, develop site security plans in compliance with national and international governmental cybersecurity and privacy programs and standards. 
  • Advised companies on physical security audits and assessments.
  • Advised numerous chemical and manufacturing companies on chemical security regulation compliance, including compliance with the Chemical Facility Anti-Terrorism Standards (CFATS). 
  • Advised a broad base of companies in the areas of infrastructure protection, science and technology, and public policy in the national security area, and the SAFETY Act. 
  • Advised and counseled energy companies on NERC compliance issues, with a particular focus on Critical Infrastructure Protection (CIP) Standards. 
  • Represented a manufacturing company regarding Chemical Safety and Hazard Investigation Board (CSB) assessment of an industrial accident. 
  • Advised Fortune 100 corporation on compliance with security-related provisions including CFATS, the Maritime Transportation Security Act, and Federal Energy Regulatory Commission regulations. 
  • Advised multiple companies on security and safety regulation issues associated with construction and management of critical infrastructure including pipeline and energy. 
  • Developed environmental management systems in energy and chemical industries, focusing on various environmental statutes and multilateral environmental agreements. 
  • Significant project management and work experience in India, China, Nigeria, the European Union and the Middle East. 
  • Advised U.S. government and private corporations on trade and business transactions regarding domestic, foreign and international laws and treaties in the areas of environmental law and policy, and international trade. 
  • Advised Fortune 500 defense contractor on legal issues associated with participation in Foreign Intelligence Surveillance Act and Electronic Communications Privacy Act related activities on behalf of U.S. government agency. 


  • University of Maryland, College Park, B.S. geology and education (1994) with honors
  • Northern Arizona University, M.S. geology (1997)
  • University of Maryland School of Law, J.D. (2000)
  • Duquesne University School of Law, environmental law certificate and Chinese law certificate (2000)


Admitted to practice: District of Columbia, Maryland

Awards & Recognition

  • Named "Homeland Security Professional to Watch," The Year in Homeland Security, 2009


  • Fellow, The National Security Institute
  • Board Member, The AI Security Alliance
  • Member, Maryland Carey Law Alumni Board, 2018-present
  • Member, Council on Foreign Relations
  • Global Fellow, Digital Futures Project, The Wilson Center, 2016-2018
  • Advisory Board Member and Panelist, 2013 National Cyber Education Symposium
  • Member, American and Maryland Bar Associations
  • Member, National Security Task Force, U.S. Chamber of Commerce, 2007-present
  • Member, Board of Advisors, Homeland Security and Defense Business Council, 2008-present
  • Member, Advisory Board, Energy, Climate & Infrastructure Security, Sandia National Labs, 2010-present
  • Member, American Bar Association Working Group on Cybersecurity Law
  • Member, Advisory Board, Homeland Security and Defense Mission Area, Sandia National Labs, 2008-2012
  • Deputy Director, Aspen Homeland Security Group, 2011-present
  • Member, Advisory Committee, Homeland Security Presidential Transition Initiative, Center for American Progress, 2008

View More

"Key Provisions of the FY 2022 NDAA," Crowell & Moring Webinar (January 20, 2022). Speakers: Jonathan M. Baker, Adelicia R. Cliffe, Olivia Lynch, John E. McCarthy Jr., Evan D. Wolff, Stephanie L. Crawford, Christopher D. Garcia, and M. Yuan Zhou.
"Byte-Sized Q&A: What is CISA and Why is it Important to Government Contractors?," Podcast: Byte-Sized Q&A (January 19, 2022). Contacts: Evan D. Wolff, Michael G. Gruden, CIPP/G
Client Alert / Newsletter
"Data Security Law Firms - Managing & Preventing Complex Incidents," Sentinel One Webinar, 2022. (January 10, 2022). Speakers: Evan D. Wolff
"Cybersecurity Provisions Proliferate in the National Defense Authorization Act," Government Contracts Bullet Points (January 10, 2022). Contacts: Christopher R. Hebdon, Kate M. Growley, CIPP/G, CIPP/US, Paul M. Rosen, Evan D. Wolff, Maida Oringher Lerner, Michael G. Gruden, CIPP/G
Client Alert / Newsletter
"CMMC 2.0 Scoping Guidance Limits the Scope of Cybersecurity Assessments," Government Contracts Bullet Points (December 23, 2021). Contacts: Kate M. Growley, CIPP/G, CIPP/US, Evan D. Wolff, Maida Oringher Lerner, Michael G. Gruden, CIPP/G, Christopher R. Hebdon
Client Alert / Newsletter
"CISA Emergency Directive Requires Immediate Mitigation of Log4j Vulnerabilities," Administrative Law Alert (December 20, 2021). Contacts: Evan D. Wolff, Jeffrey L. Poston, Garylene (Gage) Javier, Maida Oringher Lerner, Gabriel M. Ramsey, Matthew B. Welling, Alexander Urbelis
Client Alert / Newsletter
"The Log4j Vulnerability: What You Need to Know to Protect Your Business," Crowell & Moring Webinar (December 17, 2021). Speakers: Evan D. Wolff and Alexander Urbelis.
"Byte-Sized Q&A: What’s not in CMMC 2.0?," Podcast: Byte-Sized Q&A (December 3, 2021). Contacts: Kate M. Growley, CIPP/G, CIPP/US, Evan D. Wolff
Client Alert / Newsletter
"Byte-Sized Q&A: What can we expect under CMMC 2.0?," Podcast: Byte-Sized Q&A (November 16, 2021). Contacts: Kate M. Growley, CIPP/G, CIPP/US, Evan D. Wolff
Client Alert / Newsletter
"CMMC 2.0: DoD Unveils Sweeping Changes Streamlining CMMC Requirements," Government Contracts Bullet Points (November 5, 2021). Contacts: Christopher R. Hebdon, Michael G. Gruden, CIPP/G, Maida Oringher Lerner, Evan D. Wolff, Kate M. Growley, CIPP/G, CIPP/US
Client Alert / Newsletter

For all Highlights, News & Knowledge, please click here to view desktop bio.

Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia that represents clients in litigation and arbitration, regulatory and policy, and transactional and corporate matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation and government-facing matters, as well as its ongoing commitment to pro bono service and diversity, equity, and inclusion.

View Desktop Site | Mobile Sitemap |

Contact | Subscribe | Terms of Use | Privacy Statement | Alumni

© Crowell & Moring LLP 2022
Attorney advertising - prior results do not guarantee a similar outcome.