John Sarlitto is an associate in Sullivan & Cromwell’s Litigation Group and a member of the Firm’s Cybersecurity and Criminal Defense and Investigations Groups.
Mr. Sarlitto counsels companies on the management of cybersecurity risk before, during, and after the occurrence of a cybersecurity incident. As breach counsel, he has experience advising companies following major ransomware attacks, cyber-extortion schemes, and other data security incidents. He also advises companies on cybersecurity best practices and compliance with evolving regulatory guidance.
Mr. Sarlitto’s litigation practice focuses on white collar criminal defense and complex government and internal investigations, including matters related to market manipulation, accounting fraud, tax evasion, BSA/AML controls, and digital assets. He has represented companies, financial institutions, and individuals under criminal investigation by the Department of Justice and in enforcement matters before the Securities and Exchange Commission, the Commodity Futures Trading Commission, state attorneys general, and other regulators.
