Stephenie Gosnell Handler
Partner
Stephenie Gosnell Handler is a partner in Gibson Dunn’s Washington, D.C. and Munich offices and a trusted advisor to global companies on cybersecurity, data governance, and technology-driven regulatory and national security risk.
Stephenie counsels multinational organizations across the full lifecycle of cybersecurity — from proactive regulatory strategy, governance design, and preparedness to managing major cyber incidents and strengthening resilience and compliance post-event. She represents clients in high-impact data breaches and cyber incidents involving nation-state threat actors, ransomware and extortion groups, supply chain compromises, insider threats, and widespread cross-border data exposures. She leads incident response engagements, coordinating with technical experts and regulators while guiding global notification strategies, executive and board engagement, and interactions with regulatory authorities, including the SEC, DOJ, and states attorneys general.
Her counseling practice encompasses a broad range of advisory work on cybersecurity requirements, data and technology governance, AI and data-risk frameworks, data localization and cross-border transfer strategies, digital-transformation risk, and enterprise cybersecurity and third-party risk programs. She regularly partners with boards and senior leadership to align governance with evolving regulatory expectations, compliance drivers, and enterprise risk objectives.
Stephenie maintains a robust CFIUS practice that leverages her leading cybersecurity, emerging technologies, and data governance expertise. She helps clients on both the buy- and sell-side understand and develop strategies to manage complex national security risks across the transaction life cycle, including fund formation and transaction structuring, as well as navigating the CFIUS filing process and negotiation of mitigation agreements.
Stephenie’s deep export controls experience with the ITAR and EAR informs her counseling for national security and national security-adjacent matters, including development of compliance guardrails for AI models and cybersecurity program development to reflect regulated data requirements. Stephenie serves as co-chair of the Firm’s Department of Justice’s Data Security Program Task Force, counseling clients on the regulatory requirements establishing national security restrictions on access to bulk sensitive personal data.
She brings deep operational insight from her prior role as McKinsey & Company’s Director of Cybersecurity Strategy and Digital Acceleration, where she led the firm’s global cybersecurity program, enterprise cyber standards and certifications, and technology and data governance initiatives. She also previously led McKinsey’s in-house cybersecurity legal function, counseling global teams on cyber regulations, threat-driven risk management, and incident readiness.
Stephenie’s counsel has been recognized in leading industry guides, including Lawdragon’s 500 Leading Global Cyber Lawyers and 100 Leading AI & Legal Tech Advisors, Foreign Investment Watch’s Top Advisors, as a Distinguished Adviser in Financier Worldwide’s Power Players: Foreign Investment & National Security, and as a Thompson Reuters Stand-Out Lawyer. Stephenie also served as the Chair of the Future of Privacy Forum’s Privacy and Cybersecurity Advisory Committee. She is a frequent speaker on the topics of cybersecurity, emerging technologies, national security, and navigating the evolving regulatory and geopolitical landscape. Stephenie is also Chair of the Firm’s Cybersecurity and Data Governance Committee.
Prior to her legal career, Stephenie served as a U.S. Marine Corps officer, deploying to Iraq and throughout Asia as a logistics and political-miliary officer. She holds degrees from Stanford Law School, Georgetown University, and the U.S. Naval Academy.
Capabilities
- Privacy, Cybersecurity, and Data Innovation
- Artificial Intelligence
- Consumer Protection
- International Trade Advisory and Enforcement
- National Security
- Tech and Innovation
Credentials
Education:
- Stanford University - 2011 Juris Doctor
- Georgetown University - 2001 Master of Arts
- U.S. Naval Academy - 2001 Bachelor of Science
Admissions:
- District of Columbia Bar
- Germany - Member of the Munich Bar Association
- Maine Bar
- New York Bar