Christopher Ballod

426 W. Lancaster Avenue, Suite 200
Devon, PA 19333

Office: (267) 930-6785


Widener University Delaware Law School
Juris Doctor

Pennsylvania State University
Bachelor of Arts, English


  • Pennsylvania
  • U.S. District Court for the Eastern District of Pennsylvania
  • U.S. District Court for the Middle District of Pennsylvania
  • U.S. District Court for the Western District of Pennsylvania

Practice Areas

Professional Memberships

  • International Association of Privacy Professionals (IAPP)


  • U.S. Certified Information Privacy Professional (CIPP/US)
  • Europe Certified Information Privacy Professional (CIPP/E)

Christopher Ballod is a Partner in Mullen Coughlin’s Incident Response practice group, based in Philadelphia, Pennsylvania. He leverages years of experience both as incident response/Breach Coach counsel and as a Managing Director at a top-tier digital forensics and incident response (DFIR) firm leading investigations.

As an organization’s Breach Coach, he coordinates the response and investigation of data privacy and security incidents – working closely with external partners such as cyber insurance carriers and brokers, DFIR firms, law enforcement, the victim organization’s internal incident response team and others – to contain the incident and mitigate its effects on the organization’s network and business operations effectively and efficiently. He then counsels the organization on their legal, regulatory and contractual obligations stemming from the incident to ensure that any individual/business partner notification and reporting is effectuated in a legally-compliant and timely fashion. He also assists victim organizations in responding to U.S. state, federal and industry-related regulatory agencies, as well as state Attorney Generals’ and other regulators.

Chris also utilizes his incident response experience by counseling organizations with pre-incident and proactive Advisory Compliance solutions. This experience includes:

  • Negotiation and drafting of vendor agreements – such as cloud data hosting agreements; software support agreements; telecommunications contracts; cloud-based human resources management services; and online reservation service agreements – providing terms for defense, indemnification and incident response costs in the event of a data privacy and security incident;
  • Counseling during the assessment of risks and placement of cyber liability coverage;
  • Incident preparation counseling, including Cyber Incident Response Tabletop Exercises, practicing incident response procedures and multi-day stakeholder “boot camps” training key personnel in all aspects of risk management and response;
  • Drafting of privacy policy statements;
  • Preparation of terms-of service-agreements, Anti-Money Laundering (AML) policies and ancillary agreements for web-based crowdfunding ventures;
  • Transactional counseling, including compliance assessment during due diligence; and

Compliance with appropriate legal frameworks such as the Health Insurance Portability and Accountability Act (HIPAA); the Gramm-Leach-Bliley Act (GLBA); the California Consumer Privacy Act (CCPA), and its amendment the California Privacy Rights Act (CPRA); the Virginia Consumer Data Protection Act (VCDPA); the Colorado Privacy Act (CPA); the Utah Consumer Privacy Act (UCPA); and the European Union’s General Data Protection Regulation (GDPR).

Chris is well-versed in handling all types of data privacy and security incidents, with significant experience in handling large-scale ransomware incidents gained while a Managing Director of a cybersecurity risk management and DFIR firm prior to joining Mullen Coughlin. There, he led five DFIR teams, as well as incident recovery teams; the cryptocurrency team; the Neutral Intermediary practice; the claims review services; and the expert witness services team. As lead for those teams and services, he coordinated and analyzed data privacy and security incident forensic evidence to identify threat actors and vectors, network movement, data exfiltration and communications with external entities at the direction of incident response counsel.

Chris is also the former Vice-Chair of his previous law firm’s Data Privacy and Security Team. In addition to managing a large team of data privacy attorneys in the firm’s Incident Response practice, he counseled and assisted organizations with pre-incident Advisory Compliance solutions such as Incident Response Plan (IRP) development, negotiation and drafting of vendor agreements and compliance with U.S. state and federals laws and regulations.

Chris’ contributions to the efforts to stop cybercrime have been recognized by the Federal Bureau of Investigation (FBI).


  • “Security Incidents: Learning From Mistakes,” RIMS RISKWORLD 2024, San Diego, CA, May 6, 2024
  • “Policies and Procedures to Protect Against Privacy Violations,” ALM Complex Claims Conference, February 27, 2024
  • “Dissecting a Forensic Investigation,” NetDiligence Cyber Risk Summit 2024, Miami, FL, February 13, 2024
  • “Cyber Risks Facing the Energy Sector,” Aegis Policyholders’ Conference, San Diego, CA, July 13, 2023
  • “Ransomware and Insurance,” Incident Response Forum Ransomware 2023, Virtual, January 12, 2023
  • “Managing Ransomware Attacks,” Aegis Policyholders’ Conference, Denver, CO, July 12, 2022
  • “The New Frontier with Jordan L. Fisher,” American Bar Association (ABA) Podcast, May 17, 2022
  • “Cyber Risk Mitigation Strategies During a Time of Geopolitical Uncertainty,” Association of Corporate Counsel (ACC), May 3, 2022
  • “Cyber Issues for Lawyers,” New Jersey State Bar Association, Virtual, April 25, 2022
  • “Ransomware: Taking a Deeper Look,” Brown & Brown, Virtual, April 7, 2022
  • “Single-Point of Failure and Supply Chain Breaches – A Deep Dive,” 10th Annual Cyber Liability Insurance ExecuSummit, Uncasville, CT, March 22, 2022
  • “Attorney-Client Privilege in Incident Response,” NetDiligence Cyber Risk Summit 2022, Fort Lauderdale, FL, February 2, 2022
  • “Ransomware Attacks Before and After: Preparation, Governance, Training and Remediation,” Incident Response Forum Ransomware 2022, Virtual, January 13, 2022
  • “Managing, Transferring and Absorbing Cyber Risk in Third-Party Breaches,” American Bar Association (ABA) Webinar, Virtual, November 17, 2021
  • “Ransomware Attacks and Incident Response,” New York Law School, New York, NY, October 28, 2021
  • “Ransomware Everywhere!,” National Cyber-Forensics and Training Alliance (NCFTA) Cybercrime Forum, September 14, 2021
  • “Incident Response Planning,” NetDiligence Webinar, Virtual, May 2021
  • “Infrastructure and Network Segmentation,” NetDiligence Webinar, Virtual, May 2021
  • “Finding Exfiltration: Threat Actor Toolkit,” Kroll DFIR Global, April 2, 2021
  • “Counsel’s Guide to SolarWinds: What Happened and Why it Matters,” Cleveland Bar Association, February 18, 2021
  • “Board Oversight of Cybersecurity,” Beazley Insurance, March 10, 2021
  • “Cybersecurity for Public Contracts,” American Bar Association (ABA) Public Contracts Section, February 25, 2021
  • “Ransomware Research,” TechStrong TV, November 2, 2020
  • “Incident Response in a Ransomware Incident,” Flashpoint User Conference, October 23, 2020
  • “A Holistic View on Ransomware,” Advisen @Home Webinar, Virtual, October 20, 2020
  • “COVID-19 and the Surge in Retail Cyber Threats,” Kroll Cyber Risk Conference, Virtual, July 8, 2020
  • “Spring School Law Forum,” NJ Association of School Attorneys, June 17, 2020
  • “Legislative Update on Data Privacy: How to Respond to Data Security Incidents in a New Global Legislative Age,” 8th Annual Cyber Liability Insurance ExecuSummit, Uncasville, CT, March 19, 2019
  • “Update on Cybersecurity,” Insuring the Future of Manufacturing Forum, September 13, 2018


  • “Legal Tech’s Predictions for Cybersecurity in 2023,” LegalTech News, January 6, 2023
  • “Timely Versus Accurate: DoD Struggles Shed Light on Cyber Incident Reporting Challenges,” Federal News Network, November 11, 2022
  • “Law Firms’ Tech Dilemma: Too Many Users and Not Enough IT Professionals,” LegalTech News, October 11, 2021
  • “Essential for Privacy Compliance, Data Mapping Has a Tech and Expense Problem,” LegalTech News, September 23, 2021
  • “Four States Propose Laws to Ban Ransomware Payments,” CSO Online, June 28, 2021
  • “Why Backups Are Not the Panacea for Recovery from a Ransomware Attack,” SC Media, June 17, 2021
  • “Five Important Conversations Legal Departments Should Have with Tech Vendors,” LegalTech News, June 2, 2021
  • “Ireland’s Health Service Warns Staff Not to Use Work Devices,” WSJ Pro, May 28, 2021
  • “Data Vendors Used to Have Unlimited Liability for Breaches, But Not Anymore,” American Lawyer, May 3, 2021
  • “Who You Gonna Call When There’s Something Strange in Your Network – Ghostbusters or Your Outside Counsel,” Corporate Counsel, April 29, 2021
  • “Wanted: A Bridge Between Lawyers and the IT Department,” LegalTech News, April 2, 2021
  • “Going Remote Was Hard, Staying Remote May Be Harder,” LegalTech News, March 29, 2021
  • “Accellion Breach Highlights Need for Law Firms to Vet Vendors,” Bloomberg, February 18, 2021
  • “Goodwin Procter Says It Was Hit by Data Breach of Vendor,” Bloomberg, February 2, 2021
  • “In-House, Firms Tackle Pandemic Regulatory Privacy Challenges,” Bloomberg, December 22, 2020
  • “Vastaamo Breach: Is Blackmailing Individual Customers the Next Extortion Trend,” SC Media, November 4, 2020
  • “Despite Patchwork Regulatory Landscape, Companies Aren’t Backing Away from Biometric Identifiers,” Corporate Counsel, September 17, 2020
  • “Ex-Lewis Brisbois Attorney to Help Lead Kroll’s Cybersecurity Unit,” Law360, September 11, 2020
  • “Good Help Is (Still) Hard to Find in Legal IT and Cybersecurity,” LegalTech News, August 5, 2020
  • “Law Firms’ Liability for Wire Fraud Scams,” American Lawyer, July 29, 2020