BREACH HOTLINE
844-885-1574

Professionals

J Coughlin

Jennifer A. Coughlin

Partner & Managing Member
426 W. Lancaster Avenue, Suite 200
Devon, PA 19333

Office: (267) 930-4774

Education

Widener University School of Law
Juris Doctor

Cabrini College
Bachelor of Arts, History and Political Science

Admission

  • Pennsylvania
  • U.S. District Court for the Eastern District of Pennsylvania
  • New Jersey
  • U.S. District Court for the District of New Jersey
  • New York
  • U.S. District Court for the Southern District of New York

Practice Areas

Jennifer A. Coughlin is a Founding Partner of Mullen Coughlin and its Managing Member, guiding the Firm in its commitment to provide effective and efficient data privacy and security legal services and develop, maintain and grow client and partner relationships. She focuses her legal practice solely on providing organizations of all sizes and from every industry sector in first-party data privacy and security incident response and third-party data privacy defense legal services.

Jenn has counseled hundreds of organizations in investigating and responding to data privacy and security incidents compromising protected data and network and system security, such as ransomware attacks, business email compromises (BECs) and other network intrusions, among others. She works closely with various organizational and third-party incident response stakeholders including cyber insurance claims teams; forensic investigation and data mining firms; law enforcement; and business partners. Once the incident is contained and the nature and scope is identified, she relies on her knowledge of state, federal and international laws, as well as industry-specific guidance and regulations to assist the victim organization with identifying and complying with legal obligations stemming from the incident. 

While Jenn has represented organizations from virtually every industry group, she has a particular focus on organizations within the healthcare and life sciences; financial services; hospitality and entertainment; retail/e-commerce; and professional services industry groups. She also represents these organizations with follow-up inquiries related to data privacy and security incidents by state, federal and international regulatory agencies, including state attorneys general; state insurance and health departments; the Federal Trade Commission (FTC); and the U.S. Department of Health and Human Services’ Office for Civil Rights (HHS-OCR). 

In addition to the first- and third-party legal services she provides, Jenn also assists organizations with pre-incident Advisory Compliance services. She routinely leads tabletop exercises and other training efforts for client’s employees, management and Board members. She also aids in data privacy and information security policy and procedure development, including the development of Incident Response Plans (IRPs). 

As the Firm’s Managing Member, Jenn leads the 115+ Mullen Coughlin attorneys in the provision of exceptional data privacy and security legal services and the management of client and third-party vendor relationships. She also, in collaboration with the Firm’s equity members and department chairs, oversees the development and implementation of legal, administrative and organizational strategies. 

Jenn is a frequent speaker and collaborator at industry, client and legal conferences and events. She is often sought after by organizations to present valuable information regarding incident response and data privacy to their teams and clients. In turn, she has developed strong relationships with cyber insurance carriers and brokers, industry thought leaders, third-party incident response partners and law enforcement. 

Prior to founding Mullen Coughlin with John Mullen, Chris DiIenno and Jim Prendergast (deceased) in 2016, Jenn was a Partner at a full-service law firm in their Data Privacy & Cybersecurity practice group. 

SPEAKING ENGAGEMENTS & PRESENTATIONS

  • “2024 Claims & Losses Update,” NetDiligence Cyber Risk Summit 2025, San Diego, CA, May 13, 2025
  • “Navigating Cyber Chaos: Lessons Learned from Recent Disruptions,” RIMS RISKWORLD 2025, Chicago, IL, May 7, 2025
  • “Cutting the Post-Strike Impact of Ransomware Attacks,” RIMS RISKWORLD 2025, Chicago, IL, May 6, 2025
  • “Incident Response: State of Play,” IR Forum Masterclass 2025, Washington, DC, April 22, 2025
  • “The Cyber-Crime Threat Landscape and Emerging Technologies,” Fidelity Law Association 30th Annual Conference, Philadelphia, PA, September 25, 2024
  • “Claims and Losses Update,” NetDiligence Cyber Risk Summit 2024, San Diego, CA, May 20, 2024
  • “Incident Response: State of Play,” Incident Response Forum Masterclass 2024, Virtual, April 18, 2024
  • “Cyber Attack Response,” Cyber Defense Connect, Hartford, CT, April 16, 2024
  • “Passwords Are Like Bed Sheets: Cyber Update and Everyday Tips for LPL Lawyers,” American Bar Association’s (ABA) Spring 2024 National Legal Malpractice Conference, New Orleans, LA, April 5, 2024
  • “Claims & Losses Update,” NetDiligence Cyber Risk Summit 2024, Miami, FL, February 13, 2024
  • “Challenges Associated with Cyber Claims in the UK/EU for Complex Breaches,” Intelligent Insurer Cyber Risk & Insurance Innovation Europe 2024, London, UK, February 8, 2024
  • “Ransomware Attacks and Cyber Insurance,” Incident Response Forum Ransomware 2024, Virtual, January 18, 2024
  • “Code and Ethics: Understanding Attorneys’ Ethical Obligations after Data Breaches,” Law & Forensics, Virtual, January 5, 2024
  • “Cyber: Prepare, Prevent, Mitigate, Restore,” Travelers Institute, Dallas, TX, November 28, 2023
  • “Cyber: Prepare, Prevent, Mitigate, Restore,” Travelers Institute, Bellevue, WA, November 10, 2023
  • “Building Resilience: What Can We Learn from Cyber Claims,” ITC Vegas, Las Vegas, NV, November 1, 2023
  • “Insuring the Digital Future: Cyber Insurance in an Evolving Threat Landscape,” 11th Annual Cyber Warfare Symposium, New York, NY, October 18, 2023
  • “How to Legally and Proactively Respond to Cyber Threats,” Law & Forensics, Virtual, July 20, 2023
  • “2022 Claims & Losses Update,” NetDiligence Cyber Risk Summit 2023, Philadelphia, PA, June 1, 2023
  • “Cyber: Prepare, Prevent, Mitigate, Restore,” Travelers Institute, Charlotte, NC, May 23, 2023
  • “Cyber: Prepare, Prevent, Mitigate, Restore,” Travelers Institute, Portland, OR, April 17, 2023
  • Cyber: Prepare, Prevent, Mitigate, Restore,” Travelers Institute, New York, NY, March 21, 2023
  • “Claims: This One Is Not Like The Other,” NetDiligence Cyber Risk Summit 2023, Ft. Lauderdale, FL, February 20, 2023
  • “Ransomware and Cyber Insurance,” 2023 IR Forum Ransomware, Virtual, January 12, 2023
  • “Cyber Defense – What to Do After an Incident,” Iowa Chapter of Healthcare Financial Management Association’s (HFMA) Winter Meeting, Virtual, January 11, 2023
  • “Cyber Attacks: How Not to Lose Your Practice,” NY Regional Society of Plastic Surgeons (NYRSPS) Annual Meeting, New York, NY, November 19, 2022
  • “Cyber Insurance Day,” Cowbell Insurance, Washington, D.C., November 2, 2022
  • “Battle of the Breach Coaches,” Advisen 2022 Cyber Risk Insights Conference, New York, NY, October 25, 2022
  • “State of the Market: Cyber Claims Evolution,” Mullen Coughlin/Tracepoint CLE/CE, Devon, PA, September 29, 2022
  • “Incident Response Fireside Chat,” AWAC Cyber Symposium, Boston, MA, September 21, 2022
  • “Cyber Claims Process and Trends,” RSUI Professional Claim Seminar, Atlanta, GA, September 20, 2022
  • “Cybersecurity: Risks and Opportunities for Associations,” National Association of REALTORS, Virtual, September 14, 2022
  • “Debunking Common Cyber and Cyber Insurance Myths,” Marsh McLennan Agency (MMA), Virtual, August 31, 2022
  • “The Future of Cyber Insurance: Where is the Market Going in These Uncertain Times,” Advisen, Virtual, June 9, 2022
  • “How to Navigate a Vendor Data Breach,” Law & Forensics, Virtual, June 3, 2022
  • “2022 Claims & Losses Update,” NetDiligence Cyber Risk Summit 2022, Philadelphia, PA, June 2, 2022
  • “Surviving An Attack,” Deerfield Healthcare Cyber Education Series, Virtual, May 18, 2022
  • “Cyber Attack Simulation: We’ve Been Hacked! Now What?,” ResCon, New Orleans, LA, April 21, 2022
  • “Who Do You Call When You’ve Been Breached?,” TrueNorth Companies Digital Risk Webinar, Virtual, April 14, 2022
  • Top Three Cybersecurity Threats and the Industries Most Affected,” Chattin Cyber, Podcast, April 6, 2022
  • “Righting the Ship: How Insurance, Legal, Technical and Law Enforcement Play a Role in an Organization’s Ransomware Preparedness and Response Efforts,” 2022 CLM Annual Conference, Palm Desert, CA, March 25, 2022
  • “What Was, What Is and What Will Be in Cyber Claims,” PLUS Cyber Symposium, New York, NY, March 2, 2022
  • “Ransomware and Cryptocurrency: Facts, Threats and Countermeasures,” DHS Corporate Security Symposium, Philadelphia, PA, February 17, 2022
  • “Incident Response,” MJ Sorority, Virtual, February 2, 2022
  • The Cybersecurity Playbook: What You Need to Know,” The Travelers Institute’s Wednesdays with Woodward®, Virtual, December 1, 2021
  • “The State of the Cyber Marketplace Post-Pandemic,” Insurance Brokers’ Association of New York, Virtual, August 26, 2021
  • “2020 Claims & Losses Update,” NetDiligence Cyber Risk Summit 2021, Philadelphia, PA, July 14, 2021
  • “The Best Cyber Control Measures for Today’s Cyber,” PLUS Cyber Symposium, Virtual, May 6, 2021
  • “Cyber Attack Simulation: All The Right Moves,” RIMS Live 2021, Virtual, April, 19, 2021
  • “Data Security Incidents and Cyber Insurance,” Incident Response Forum Masterclass 2021, Virtual, April 8, 2021
  • “Cyber Attack Simulation on Ransomware,” ABA Risk 2021, Virtual, March 25, 2021
  • “Alternative Compliance/Inapplicability of State Law,” Continuing Legal Education, Wayne, PA, February 6, 2019
  • “Cyber Update – Legal and Forensic Foundations and Trends,” In-house Training for National Insurer, Hartford, CT, December 12, 2018
  • “Cyber Update – Legal and Forensic Foundations and Trends,” In-house Training for International Insured, Hartford, CT, December 11, 2018
  • “GDPR Updates,” In-house Training for International Insurer, Jersey City, NJ, November 13, 2018
  • “The Three Cs of Cyber: Claims, Capacity, and Competition,” Advisen Cyber Risk Insights Conference, New York, NY, October 25, 2018
  • “You’ve Been Breached: Now What?,” Seminar Series for International Brokerage Firm, Raleigh, NC, October 23, 2018
  • “You’ve Been Breached, Now What?,” Seminar Series for International Brokerage Firm, Richmond, VA, October 10, 2018
  • “You’ve Been Breached, Now What?,” Seminar Series for International Brokerage Firm, Falls Church, VA, October 9, 2018
  • “International Regulatory Update,” NetDiligence Cyber Risk Summit, Santa Monica, CA, October 2, 2018
  • “Real Estate, Hotel & Gaming – Cyber Event and Post Event Actions,” Conference for International Brokerage Firm, Plano, TX, September 13, 2018
  • “Breach Avoidance/Preparation: Counseling Companies Before the Inevitable Breach (Including Cyber Insurance),” Incident Response Forum 2018, Washington, DC, April 18, 2018
  • “Excel Training for Attorneys,” Continuing Legal Education, Wayne, PA, March 21, 2018
  • “Evolution of Ransomware,” In-house Training for International Insurer, Jersey City, NJ, March 14, 2018
  • “Cybersecurity: Its Impact on You and Your Customers,” 2017 PMMI Annual Meeting, Richmond, VA, November 6, 2017
  • “Mitigating Cyber Exposures: A Risk Manager’s Role,” Client Advisory Board for International Insurer, “Miami Beach, FL, November 1, 2017
  • “Recent Developments in Cyber Risk Management, Claims and Insurance in the Banking and Capital Markets Industry,” Seminar for International Brokerage, New York, NY, October 17, 2017
  • “Claims and Losses Update: 2017 Trends,” 2017 NetDiligence Cyber Liability Conference, Santa Monica, CA, October 11, 2017
  • “Legal Update – New State Laws, Canada’s PIPEDA and Digital Privacy Act, and EU’s GDPR,” In-house Training for International Insurer, Jersey City, NJ, September 28, 2017
  • “Lawyers – Victims and Advisors in Cyber Attacks,” Cyber Claims Round Table for International Brokerage Firm, Philadelphia, PA, September 14, 2017
  • “The Rise of Cyber Claims: What Insurers Need to Know,” America’s Claims Event, Charlotte, NC, June 21, 2017
  • “Best Practices for Incident Response,” Cyber Risk Symposium for International Insurer, New York, NY, June 13, 2017
  • “Managing a Ransomware Attack and Extortion,”  2017 NetDiligence Cyber Liability Conference, Philadelphia, PA, June 6, 2017
  • “Mullen Coughlin: Best Practices from Leading Data-Breach Experts,” 2017 Insurance Company Conference for International Insurer, New York, NY, May 25, 2017
  • “2017 Cyber Claims – Trends and Forecast,” Cyber Symposium for International Insurer, Morristown, NJ, May 23, 2017
  • “Cyber Liability: Evolving Claims, Exposures, and Regulatory Enforcement,” Internal Training for International Insurer, Philadelphia, PA, April 6, 2017
  • “Expanding World of Cyber Claims,” PLUS, Chicago, IL, April, 5, 2017
  • “Evolution of Cyber-Risk,” International Insurer, Whitehouse Station, NJ, March 27, 2017
  • “Tackling Evolving Cyber Threats,” Cybersecurity Symposium for International Insurer, Hartford, CT, March 22, 2017
  • “Cyber Attack…What Now?,” ABA Insurance Risk Management Forum, Coronado, CA, February 5, 2017
  • “What is a Breach Coach,” Webinar Series for International Insurer, Hartford, CT, November 10, 2016
  • “Breach Response: Expert Advice from the Trenches,” Conference for International Insurer, Los Angeles, CA, October 21, 2016
  • “We Have a Breach, What Now?,” Cyber Response Forum for International Insurer, Blue Bell, PA, April 27, 2016
  • “Cyber/Privacy Liability,” IIAP Fraud Day, Philadelphia, PA, March 25, 2016
  • “Is Healthcare Really a Radioactive Risk for Cyber Insurance?,” HB Litigation Conferences, March 23, 2016
  • “Mock SQL Injection,” Training for International Insurer, Hartford, CT, December 7, 2015
  • “Cyber Liability: Evolving Claims, Exposures, and Regulatory Enforcement,” In-House Presentation for International Insurer, Morristown, NJ, November 4, 2015
  • “The Ever-Changing Landscape of Cyber Risk,” RIMS, Naples, FL, July 29, 2015
  • “Discussions on Cyber Liability,” International Insurer, Hartford, CT/Boston, MA, May 11-12, 2015
  • “Corporate Compliance with HIPAA in the Event of a Major Data Breach,” Philadelphia Area Society for Healthcare Risk Management Annual Spring Conference, Plymouth Meeting, PA, April 23, 2015
  • “Reputational Risk – Real or Fallacy?,” Advisen Cyber Risk Insights Conference, London, UK, February 10, 2015
  • “CyberRisk Policy Virtual Training,” International Insurer, Virtual, January 29, 2015
  • “Trends in Cyber Liability,” In-house Presentation for International Insurer, December 2, 2014
  • “Data Security in the Age of Cyber Breaches,” Avant Resources, Virtual, November 20, 2014
  • “Cyber Edge Tool Presentation,” International Insurer, Webinar, October 24, 2014
  • “Cyber Risk: Threats, Loss Control, Liability & Claims,” Pennsylvania Association for Health Care Risk Management, September 26, 2014

PUBLICATIONS

AWARDS & HONORS

  • Zywave Cyber Risk Industry Person of the Year – USA (2022)
  • Cybersecurity Docket Incident Response 50 (2018-2024)
  • Lawdragon Leading Global Cyber Leader (2024)