Mullen Coughlin, Cybersecurity & Data Privacy
Cybersecurity & Data Privacy
Mullen Coughlin LLC is a law firm uniquely dedicated exclusively to representing organizations facing data privacy events, information security incidents, and the need to address these risks before a crisis hits. Founded by John Mullen, Jennifer Coughlin, Jim Prendergast, and Chris DiIenno, our team of accessible and motivated attorneys have handled thousands of events and possess experience and talent in data breach response, regulatory investigation defense, pre-breach planning and compliance, and privacy litigation defense unmatched in the industry.
Meet Our Team
Gregory Bautista is a Partner at Mullen Coughlin and an experienced cybersecurity attorney and civil litigator. Mr. Bautista specializes in […]
Brian F. Fox
Brian Fox focuses his practice on privacy and data security matters, helping clients navigate the various state, federal and international laws that govern the protection of data. When a privacy event occurs, he assists clients with locating the source of the breach, identifies affected individuals and prepares the legally required notice to individuals and regulatory officials.
Angelina W. Freind
Angelina Freind is a Partner with Mullen Coughlin, LLC. Ms. Freind assists clients with the preparation for and response to data security incidents.
Paulyne has spent her entire legal career focused on the management of complex litigation matters. She has extensive experience in […]
Amanda Harvey is a Partner at Mullen Coughlin and focuses her practice on providing organizations of all sizes and from […]
Lynda Jensen is a Partner at Mullen Coughlin and an experienced privacy, cybersecurity and incident response attorney. Ms. Jensen focuses […]
Greg Lederman is a Partner at Mullen Coughlin and concentrates his practice on data privacy and cybersecurity beginning with the […]
Ryan C. Loughlin
Ryan Loughlin’s practice focuses on assisting clients to prepare for, minimize and respond to data security incidents. Mr. Loughlin guides […]
Claudia D. McCarron
Claudia McCarron, a partner at Mullen Coughlin, is a member of the Data Privacy & Network Security Practice and also […]
Paul T. McGurkin, Jr.
Paul McGurkin is a Partner with Mullen Coughlin LLC. Mr. McGurkin focuses exclusively on assisting clients prepare for and respond to data security incidents and breaches including regulatory investigations and inquiries.
Firm News & Events
Cyber Attack Simulation: All The Right Moves
Through a simulated ransomware attack, attendees will experience an “all-too-real” scenario that occurs in many organizations. Jenn and John will give attendees the information they need to know in order to assess their organizations level of risk for a ransomware attack and what actions they should take before, during and after a cyber attack.
This year’s annual conference will be held virtually from April 19-30, 2021.For more information about the conference, sessions and to register, visit the RIMS 2021 conference website.
Jennifer Coughlin Selected As Member of “Incident Response 40” By Cybersecurity Docket
Mullen Coughlin Partner Jennifer Coughlin was selected to Cybersecurity Docket’s inaugural “Incident Response 40” at the Incident Response Forum Masterclass 2021 on April 8, 2021. The “Incident Response 40” is a list of the 40 best data breach response lawyers from the top firms in cybersecurity, including Mullen Coughlin LLC.
Jennifer was also honored in 2020, 2019 and 2018 as a member of the “Incident Response 30.”
As the cybersecurity industry grows, Jenn and the Mullen Coughlin team continue to set the standard as true leaders in the industry.
Draft Presidential Executive Order Would Require Software Vendors and Service Providers to Disclose Cybersecurity Breaches to Federal Customers
The Biden Administration is close to signing an Executive Order (EO) that will create a federal requirement for vendors who sell their products and/or services to government customers to, among other things, disclose any cybersecurity breach to those government customers. This comes on the heels of the massive hack of SolarWinds Corp., giving Russian hackers unauthorized access to thousands of government offices and other companies that used SolarWinds products (not to mention the even more recent Microsoft “Zero-Day” exploit). The EO is expected to be finalized in the upcoming weeks, and no decision on the final content has been decided yet.
The draft’s disclosure requirement is one aspect of the draft EO that will likely have an immediate impact to vendors. Currently drafted, a reporting timeframe is not noted, nor is the definition of a “reportable event.” The requirement hopes to allow government officials to understand data security events and override non-disclosure agreements that are typically signed when software moves from the private sector to the public sector limiting the sharing of information. The EO would also include many measures that are commonplace among other industries, such as:
- adopting multi-factor authentication;
- encrypting sensitive data;
- preserving digital records; and
- working with federal agencies after an incident occurs.
Additionally, the EO would create a federal cybersecurity incident response board comprised of representatives from federal agencies and cybersecurity companies that would encourage all parties, including victims, to share information.
It will be important for all software vendors and service providers that provide their products and services to government customers to understand the new requirements, particularly the timing of notification and what constitutes a “reportable event,” as they continue to contract with federal agencies.
Mullen Coughlin will continue to monitor the draft EO. If signed by President Biden, we will provide an update on what it means for software/service provider companies with federal customers. If you have any questions about how this may affect your company, please contact Chris DiIenno (267.930.4775; ) or any other Mullen Coughlin attorney.