J.J. Jones
Partner | Washington, D.C.
J.J. Jones

J.J. Jones focuses her practice on cybersecurity incident response, crisis management, data governance centered risk management, cybersecurity and AI regulatory compliance, advising complex global organizations on their most critical security, privacy and AI challenges. Ms. Jones draws on two decades of integrated experience spanning senior in-house leadership at major technology companies, defense of federal agencies in civil litigation matters, and white collar criminal defense and complex commercial litigation in private practice.

Most recently at Microsoft, Ms. Jones served as senior director in the Office of the Chief Information Security Officer (CISO), where she led the company's external communications for critical security, AI and data breach incidents, as well as customer-impacting security vulnerabilities in products, with a focus on preserving customer trust and protecting brand value, while minimizing legal risk.  She particularly enjoys leveraging her unique crisis communications experience building communications plans and operationalizing communications strategies for customer-impacting security events as part of her incident response counseling services.  She has provided legal oversight for over 600 cybersecurity incidents and/or data breach responses as the lead cybersecurity counsel responsible for minimizing, mitigating, and managing legal and regulatory risk.  Her incident response and consumer protection regulatory defense experience  includes successfully defending and resolving related plaintiffs’ litigation and regulatory inquiries and actions before a variety of U.S. federal (DOJ, SEC, CFPB, FTC, FINRA, OCC, HHS) and state (AGs, NYDFS, CCPA) and global privacy and cybersecurity regulators.  She thoughtfully incorporates this experience when counseling clients about data risk mitigation strategies partnering holistically to reduce privacy, data security, and AI adoption-related risks.

As assistant general counsel for cybersecurity regulatory strategy, compliance and operations at Microsoft, Ms. Jones advised the Global CISO and senior security leadership across security operations and the cybersecurity business on legal risk management, incident and data breach response, global cybersecurity, privacy, consumer protections and AI regulatory compliance, compliance, cybersecurity products and services, due diligence and integrations of acquired cybersecurity companies, government and industry partnerships and threat intelligence sharing,, and cybersecurity policy. She also served as strategy counsel at Google, navigating consumer protection regulatory inquiries and investigations, managing high-stakes security and privacy incidents and developing regulatory compliance strategies and programs for the evolving global landscape of data security, AI and consumer protection regulation – all further deepening her understanding of the regulatory pressures facing global technology companies and organizations adopting new AI technologies.

Before her in-house career, Ms. Jones served as an Assistant United States Attorney in the District of Maryland and as a litigator at global law firms, building a foundation in high-stakes advocacy and legal risk mitigation that informs her pragmatic, risk-based approach to crisis communications, compliance programs and litigation strategy.  Ms. Jones is a trusted business advisor with demonstrated experience optimizing and simplifying crisis management and decision-making across highly matrixed organizations. 

Services
    • Georgia Institute of Technology, B.S., Industrial Engineering, 2004
    • Samford University, Cumberland School of Law, J.D., cum laude, 2007
    • University of Hong Kong, 2007
    • Admitted in Virginia, Georgia, D.C. and Washington. Not admitted in California

Related News & Insights

Resources relating to J.J. Jones