- Home
- |Professionals
- |Matthew B. Welling
Matthew B. Welling
Overview
Matthew B. Welling is a partner in Crowell & Moring's Washington, D.C. office, where he practices in the firm's Privacy and Cybersecurity and Energy groups. Matthew has a deep technical background that he leverages to represent clients in a wide range of counseling and regulatory matters. His experience includes cybersecurity and privacy incident response, compliance reviews, risk assessments, and the development of corporate policies and procedures, such as incident response plans. Matthew has a diverse background in M&A and other corporate transactional issues, with specific recent experience with technology transactions, cybersecurity issues, and critical infrastructure project development.
Matthew is a leader in Crowell & Moring’s Blockchain / Distributed Ledger Technology (DLT) practice and speaks frequently on blockchain and DLT issues. He is currently a vice chair of the ABA’s Privacy and Computer Crime Committee of its Science & Technology Law section.
Prior to practicing law, Matthew was a software developer and management consultant with PricewaterhouseCoopers, IBM, and Accenture.
Cybersecurity and Privacy Counseling & Incident Response
Utilizing his technical background, Matthew advises clients on a wide range of cybersecurity and privacy issues. Matthew regularly counsels clients through responding to and managing cyber incidents and data breaches, and he has experience covering the full incident response lifecycle. Matthew has helped numerous clients develop or modernize their incident response programs and other cyber-related corporate policies and procedures, across industries that include energy & critical infrastructure, finance & banking, government contractors, media, hospitality, and IT service providers. He has also led privileged investigations, conducted tabletop simulations and other training exercises, interacted with regulators and law enforcement, and counseled clients through a diverse range of cybersecurity-related disputes.
M&A and Corporate Transactions
Matthew frequently represents companies in technology-focused M&A activities and has significant experience with cybersecurity and privacy-related transactional due diligence and post-merger integration matters for both buyers and sellers across a broad range of industries. Matthew’s experience also includes helping clients develop novel information technology due diligence programs and counseling clients through incident response and forensic investigations arising in the course of M&A activities. Matthew additionally advises clients on a wide range of commercial transactions involving cybersecurity and other technology-related issues.
Blockchain & Distributed Ledger Technology (DLT)
Matthew is an active leader in the firm’s Blockchain and DLT practice, where he is a Business Lead in Crowell’s Digital Transformation initiative. He advises clients on security and regulatory issues related to blockchain applications, helps clients navigate service provider relationships, and is currently engaged with clients developing novel blockchain and DLT projects in multiple industries. Matthew frequently speaks and conducts trainings on blockchain-related issues, both publicly and for clients.
Energy, Project Development & Appliance Conservation Standards
Matthew also has considerable experience in the energy sector, representing clients in a range of regulatory, transactional, policy, and litigation-related issues at the state and federal levels, including matters before the Federal Energy Regulatory Commission (FERC) and state regulatory commissions. Matthew has significant experience in energy project development, and the projects he has worked on include renewable energy (wind, solar and biomass), energy storage, natural gas, and coal-fired generation facilities. His clients include wind and solar developers, merchant generators, integrated utilities, rural electric cooperatives, municipal utilities, manufacturers of equipment, and industrial wholesale customers. Matthew also counsels clients on NERC reliability standards.
Additionally, Matthew has advised numerous clients on appliance energy conservation standards before the U.S. Department of Energy (DOE), including multiple appeals to FERC under the Energy Policy and Conservation Act (EPCA), and before the California Energy Commission (CEC).
Matthew graduated with honors from Indiana University's Kelley School of Business in 2002 with a B.S. in business administration and a concentration in computer information systems. He also has a minor in Spanish.
Matthew received his law degree from the Georgetown University Law Center in 2010, where he served as the managing editor of the Georgetown Journal of Law and Public Policy. During law school, Matthew twice clerked for Sen. John Cornyn on the United States Senate Committee on the Judiciary.
Matthew is a leader in Crowell & Moring’s Blockchain / Distributed Ledger Technology (DLT) practice and speaks frequently on blockchain and DLT issues. He is currently a vice chair of the ABA’s Privacy and Computer Crime Committee of its Science & Technology Law section.
Prior to practicing law, Matthew was a software developer and management consultant with PricewaterhouseCoopers, IBM, and Accenture.
Cybersecurity and Privacy Counseling & Incident Response
Utilizing his technical background, Matthew advises clients on a wide range of cybersecurity and privacy issues. Matthew regularly counsels clients through responding to and managing cyber incidents and data breaches, and he has experience covering the full incident response lifecycle. Matthew has helped numerous clients develop or modernize their incident response programs and other cyber-related corporate policies and procedures, across industries that include energy & critical infrastructure, finance & banking, government contractors, media, hospitality, and IT service providers. He has also led privileged investigations, conducted tabletop simulations and other training exercises, interacted with regulators and law enforcement, and counseled clients through a diverse range of cybersecurity-related disputes.
M&A and Corporate Transactions
Matthew frequently represents companies in technology-focused M&A activities and has significant experience with cybersecurity and privacy-related transactional due diligence and post-merger integration matters for both buyers and sellers across a broad range of industries. Matthew’s experience also includes helping clients develop novel information technology due diligence programs and counseling clients through incident response and forensic investigations arising in the course of M&A activities. Matthew additionally advises clients on a wide range of commercial transactions involving cybersecurity and other technology-related issues.
Blockchain & Distributed Ledger Technology (DLT)
Matthew is an active leader in the firm’s Blockchain and DLT practice, where he is a Business Lead in Crowell’s Digital Transformation initiative. He advises clients on security and regulatory issues related to blockchain applications, helps clients navigate service provider relationships, and is currently engaged with clients developing novel blockchain and DLT projects in multiple industries. Matthew frequently speaks and conducts trainings on blockchain-related issues, both publicly and for clients.
Energy, Project Development & Appliance Conservation Standards
Matthew also has considerable experience in the energy sector, representing clients in a range of regulatory, transactional, policy, and litigation-related issues at the state and federal levels, including matters before the Federal Energy Regulatory Commission (FERC) and state regulatory commissions. Matthew has significant experience in energy project development, and the projects he has worked on include renewable energy (wind, solar and biomass), energy storage, natural gas, and coal-fired generation facilities. His clients include wind and solar developers, merchant generators, integrated utilities, rural electric cooperatives, municipal utilities, manufacturers of equipment, and industrial wholesale customers. Matthew also counsels clients on NERC reliability standards.
Additionally, Matthew has advised numerous clients on appliance energy conservation standards before the U.S. Department of Energy (DOE), including multiple appeals to FERC under the Energy Policy and Conservation Act (EPCA), and before the California Energy Commission (CEC).
Matthew graduated with honors from Indiana University's Kelley School of Business in 2002 with a B.S. in business administration and a concentration in computer information systems. He also has a minor in Spanish.
Matthew received his law degree from the Georgetown University Law Center in 2010, where he served as the managing editor of the Georgetown Journal of Law and Public Policy. During law school, Matthew twice clerked for Sen. John Cornyn on the United States Senate Committee on the Judiciary.
Career & Education
- Georgetown University Law Center, J.D., 2010
- Indiana University, B.S., with honors, 2002
- Georgetown University Law Center, J.D., 2010
- Indiana University, B.S., with honors, 2002
- District of Columbia
- Virginia
- District of Columbia
- Virginia
Matthew's Insights
Press Coverage | 04.17.24
NH, KY Join Patchwork Of States' Data Privacy Laws ‘Squarely In The Middle’
Speaking Engagement | 04.04.24
"Armortext: When Your Communications Betray You, Where Do You Turn?," LS-ISAO New York Workshop, New York, NY
Event | 04.04.24
Publication | 01.10.24
Insights
Press Coverage | 04.17.24
Speaking Engagement | 04.04.24
The Global Uptake of the NIST Cybersecurity Framework
|02.15.16
Cybersecurity Law & Practice, Volume: 2 Issue: 2
Key Privacy & Cybersecurity Developments: September 14 – 20, 2015
|09.23.15
Crowell & Moring's Data Law Insights
"Armortext: When Your Communications Betray You, Where Do You Turn?," LS-ISAO New York Workshop, New York, NY
|04.04.24
"Arresting Disaster: Driving Incident Response in Cyber-Regulated Europe in an Age of AI Threats," Cyberevolution
|11.14.23
Financial Crimes Committee Quarterly Meeting, Bankers Association for Finance and Trade
|09.12.23
NH, KY Join Patchwork Of States' Data Privacy Laws ‘Squarely In The Middle’
|04.17.24
LegalTech News
Impacts of the National Cybersecurity Strategy on Government and Private Sector Collaboration
|06.15.23
Crowell & Moring’s Data Law Insights
EPCA Compliance: What Appliance Manufacturers (and Importers) Need to Know
|02.21.19
Crowell & Moring's Retail & Consumer Products Law Observer
Colorado’s New Data Privacy Bill Increases Notification and Safeguarding Requirements
|07.17.18
Crowell & Moring's Data Law Insights
Seventh Circuit Revives Data Breach Case Despite No Evidence Of Monetary Harm
|04.24.18
Crowell & Moring's Data Law Insights
FERC Proposes to Require Expanded Cyber Security Incident Reporting
|01.17.18
Crowell & Moring's Data Law Insights
Privacy & Cybersecurity Weekly News Update – Week of August 28
|09.09.16
Crowell & Moring's Data Law Insights
Privacy & Cybersecurity Weekly News Update – Week of August 14
|09.01.16
Crowell & Moring's Data Law Insights
Privacy & Cybersecurity Weekly News Update Week of August 7
|08.19.16
Crowell & Moring's Data Law Insights
Privacy & Cybersecurity Weekly News Update – Week of July 31
|08.11.16
Crowell & Moring's Data Law Insights
Matthew's Insights
Press Coverage | 04.17.24
NH, KY Join Patchwork Of States' Data Privacy Laws ‘Squarely In The Middle’
Speaking Engagement | 04.04.24
"Armortext: When Your Communications Betray You, Where Do You Turn?," LS-ISAO New York Workshop, New York, NY
Event | 04.04.24
Publication | 01.10.24