Shawn E. Tuma

Shawn Tuma is a business lawyer with an internationally recognized reputation in cybersecurity, computer fraud and data privacy law. He is a Cybersecurity & Data Protection Partner at Scheef & Stone, LLP, a full-service commercial law firm in Texas that represents businesses of all sizes throughout the United States and, through its Mackrell International network, throughout the world. Shawn's ideal role is to serve as an outside member of a company’s team to proactively prepare for and minimize its risks of doing business in the digital environment of today’s modern business world. He has been working in cybersecurity since before Y2K and, after years of helping businesses prepare for cybersecurity legal risks, he has developed a unique expertise that allows him to help businesses assess the specific risks they face, audit their existing preparation and defenses, develop a strategy to minimize the identified risks based on threat level, and then execute the plan by developing and implementing protocols, policies, training, and coordinating third party assistance needed to effectively protect the business, complying with their legal and regulatory cybersecurity risks. Shawn serves the Bar and Profession in many capacities and has been selected for several professional honors: • Board of Directors, North Texas Cyber Forensics Lab • Board of Directors & General Counsel, Cyber Future Foundation • D Magazine Best Lawyers in Dallas 2014 - 2016 (Digital Information Law) • Texas SuperLawyers 2015 - 2016 (Intellectual Property Litigation) • Council, Computer and Technology Section, State Bar of Texas • Chair, Collin County Bar Association Civil Litigation & Appellate Section • College of the State Bar of Texas • Privacy and Data Security Committee of the State Bar of Texas • Litigation, Intellectual Property, and Business Sections, State Bar of Texas • Information Security Committee of the Section on Science & Technology Committee of the American Bar Association • Social Media Committee of the American Bar Association • North Texas Crime Commission, Cybercrime Committee • Information Systems Security Association (ISSA) • International Association of Privacy Professionals (IAPP) • Advisory Board, Optiv Security (fka Accuvant + FishNet Security) • Contributor, Norse’s DarkMatters • Editor, Cybersecurity Business Law Blog Shawn is an accomplished author with several published works on various legal-technology topics. He is a frequent speaker on business cyber risk issues such as cybersecurity, computer fraud, data privacy, and social media law. You can reach Shawn by telephone at 214.472.2135, or email him at A list of Shawn’s recent presentations and publications is available here:

Verizon Requires $350 Million Discount and Yahoo Share in Data Breach Liability — Good Deal?

UPDATE: Yahoo Shareholders Sue Over Massive Data Breaches (Law 360 paywall) Verizon and Yahoo have renegotiated their deal in the wake of Yahoo’s revelations of its past data breaches. Verizon had agreed to pay $4.8 billion for Yahoo’s Internet business in July 2016, but that was before Yahoo disclosed that it had two of the largest data […]


David Beckham’s Exposed Emails Exemplify Shame Hacking Threat

Hackers have obtained David Beckham’s embarrassing emails from his advisors in an extortion plot in which the advisors were told “pay up or we’ll release emails,” according to a recent news report. When the advisors refused to pay the £1million demand, the hackers released the emails. This is yet another example of what I call shame hacking, a topic […]


Stolen Laptop + 3,800 PHI Records = $3.2 Millon Penalty

That’s right, Children’s Medical Center had 1 unencrypted laptop stolen that had protected health information (PHI) for 3800 patients. This stolen laptop was absolutely considered a data breach and resulted in a fine of $3.2 million.  Still think data breaches are not serious business?  Read more: Children’s Medical Center Pays Federal Fine Over Data Breach « […]