Overview
(July 13, 2026, Washington, DC) – Steptoe LLP is pleased to announce that partner Michael G. Gruden has joined the firm's Washington, DC office, where he will lead the firm's Cybersecurity practice. His arrival significantly expands Steptoe's global regulatory capabilities and reflects the firm’s continued investment in a premier, integrated cybersecurity offering at the intersection of technology, compliance, and international corporate risk.
The move comes at a time when the explosion in artificial intelligence alongside a stressed geopolitical environment is placing an unprecedented strain on enterprise cybersecurity operations.
Michael is an accomplished cybersecurity attorney who serves as a primary advisor to global hyperscalers and multinational companies across critical infrastructure and heavily regulated sectors—including aerospace, defense, transportation, aviation, financial services, and energy. His practice spans the full lifecycle of digital risk and compliance. He is widely recognized for his unique technical proficiency in managing sophisticated data breaches and high-stakes incident response, conducting privileged technical compliance assessments, and defending clients in high-profile regulatory investigations. He also brings deep experience navigating False Claims Act exposure and cyber whistleblower investigations.
Before entering private practice, Michael served in senior procurement roles at the US Department of Defense and the US Department of Homeland Security. As a Branch Chief and Supervisory Contracting Officer within the Office of the Secretary of Defense, he managed information technology procurements and contracting activities for the Pentagon.
"Cybersecurity now sits at the center of government contracting, regulatory enforcement, and enterprise risk," said Steptoe Chair Gwen Renigar. "Michael strengthens a practice uniquely positioned at that intersection—advising on contractor compliance, supply chain security, and incident response—areas where client demand continues to grow."
Michael routinely guides multinational clients through the critical phases of a data crisis—determining intricate contractual and regulatory notice obligations, managing related crisis communications, and overseeing mandatory and voluntary regulatory disclosures. He also works proactively with corporate leadership to strengthen organizational preparedness through privileged cybersecurity tabletop exercises and compliance reviews designed to withstand rigorous enforcement scrutiny.
"Multinational enterprises and global hyperscalers are navigating an incredibly complex, fast-moving threat landscape where international regulations, technical standards like CMMC, and massive enforcement risks collide," said Gruden. "Steptoe's elite litigation bench and deep regulatory roots provide the perfect, integrated platform to help clients secure their global supply chains, proactively assess their compliance posture, and respond decisively to sophisticated data breaches. I am excited to lead and scale this practice at such a pivotal moment for our clients."
Steptoe's Cybersecurity practice combines technical regulatory compliance, robust investigation defense, and data breach response capabilities with significant experience managing cross-border digital risk. The practice serves a strong and growing client base that includes Fortune 500 companies, global critical infrastructure operators, and leading technology organizations.
Michael serves on the Appeals Board of the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body (The Cyber AB) and is a Registered Practitioner. He is also a Certified Information Professional with a US government concentration (CIPP/G) and chairs the American Bar Association Science & Technology Section's Homeland Security Committee.
Michael earned his J.D. from Georgetown University Law Center, where he served as an Editor of the Journal of National Security Law & Policy.
About Steptoe
In more than 110 years of practice, Steptoe has earned an international reputation for vigorous representation of clients and innovative thinking before governmental agencies, successful advocacy in litigation and arbitration, and creative and practical advice in structuring business transactions. Steptoe has more than 500 lawyers and other professional staff across offices in Beijing, Brussels, Chicago, Hong Kong, Houston, London, Los Angeles, New York, San Francisco, and Washington, DC. For more information, visit www.steptoe.com.