-
Pre-breach planning
& CompliancePrivacy & Data SecurityLearn More -
Breach Response24/7 Crisis Management ServicesLearn More
-
Litigation DefenseSingle-Plaintiff or Class Action LitigationLearn More
-
Regulatory
Investigation
& ManagementCybersecurity and Data ProtectionLearn More
Mullen Coughlin, Cybersecurity & Data Privacy
Cybersecurity & Data Privacy
Mullen Coughlin LLC is a law firm uniquely dedicated exclusively to representing organizations facing data privacy events, information security incidents, and the need to address these risks before a crisis hits. Founded by John Mullen, Jennifer Coughlin, Jim Prendergast, and Chris DiIenno, our team of accessible and motivated attorneys have handled thousands of events and possess experience and talent in data breach response, regulatory investigation defense, pre-breach planning and compliance, and privacy litigation defense unmatched in the industry.
Firm News & Events
Cyber Attack Simulation: All The Right Moves
Partner Jenn Coughlin joins Gallagher’s Cyber Liability Practice Managing Director John Farley in a Cyber Attack Simulation at the 2021 RIMS Annual Conference on Monday, April 19.
Through a simulated ransomware attack, attendees will experience an “all-too-real” scenario that occurs in many organizations. Jenn and John will give attendees the information they need to know in order to assess their organizations level of risk for a ransomware attack and what actions they should take before, during and after a cyber attack.
This year’s annual conference will be held virtually from April 19-30, 2021.For more information about the conference, sessions and to register, visit the RIMS 2021 conference website.

Jennifer Coughlin Selected As Member of “Incident Response 40” By Cybersecurity Docket
Mullen Coughlin Partner Jennifer Coughlin was selected to Cybersecurity Docket’s inaugural “Incident Response 40” at the Incident Response Forum Masterclass 2021 on April 8, 2021. The “Incident Response 40” is a list of the 40 best data breach response lawyers from the top firms in cybersecurity, including Mullen Coughlin LLC.
Jennifer was also honored in 2020, 2019 and 2018 as a member of the “Incident Response 30.”
As the cybersecurity industry grows, Jenn and the Mullen Coughlin team continue to set the standard as true leaders in the industry.
Congratulations Jennifer!

Draft Presidential Executive Order Would Require Software Vendors and Service Providers to Disclose Cybersecurity Breaches to Federal Customers
The Biden Administration is close to signing an Executive Order (EO) that will create a federal requirement for vendors who sell their products and/or services to government customers to, among other things, disclose any cybersecurity breach to those government customers. This comes on the heels of the massive hack of SolarWinds Corp., giving Russian hackers unauthorized access to thousands of government offices and other companies that used SolarWinds products (not to mention the even more recent Microsoft “Zero-Day” exploit). The EO is expected to be finalized in the upcoming weeks, and no decision on the final content has been decided yet.
The draft’s disclosure requirement is one aspect of the draft EO that will likely have an immediate impact to vendors. Currently drafted, a reporting timeframe is not noted, nor is the definition of a “reportable event.” The requirement hopes to allow government officials to understand data security events and override non-disclosure agreements that are typically signed when software moves from the private sector to the public sector limiting the sharing of information. The EO would also include many measures that are commonplace among other industries, such as:
- adopting multi-factor authentication;
- encrypting sensitive data;
- preserving digital records; and
- working with federal agencies after an incident occurs.
Additionally, the EO would create a federal cybersecurity incident response board comprised of representatives from federal agencies and cybersecurity companies that would encourage all parties, including victims, to share information.
It will be important for all software vendors and service providers that provide their products and services to government customers to understand the new requirements, particularly the timing of notification and what constitutes a “reportable event,” as they continue to contract with federal agencies.
Mullen Coughlin will continue to monitor the draft EO. If signed by President Biden, we will provide an update on what it means for software/service provider companies with federal customers. If you have any questions about how this may affect your company, please contact Chris DiIenno (267.930.4775; ) or any other Mullen Coughlin attorney.