Sian Schafle is a Partner at Mullen Coughlin and Chair of the Firm’s Incident Response practice group. She focuses her practice on data privacy and security incident response, regulatory investigation defense and pre-incident Advisory Compliance planning and counseling.

As Chair of the Incident Response practice, Sian manages the over 100 incident response attorneys in their provision of Breach Coach services to organizations who are suffering, or have already suffered, a data privacy and security incident. She works diligently to cultivate and nurture the practice’s relationships with the various incident response stakeholders, such as cyber insurance carrier and broker partners, forensic investigation firms, law enforcement and other regulatory agencies. Sian is also a frequent presenter on data privacy and security topics and has presented with representatives from cyber insurance carriers and brokers, third-party partners and other industry thought leaders at national and regional conferences and meetings.

In her representation of organizations who have become the victim of a data privacy and security incident, both big and small, Sian guides them through all stages of the investigation and incident response process, working closely with organization stakeholders, third-party forensic investigators, regulatory authorities and law enforcement.  She has handled hundreds of data privacy and security incidents including ransomware attacks, business email compromises (BEC) and network intrusions. She has also counseled and defended organizations in third-party regulatory actions arising from data privacy and security incidents including investigations by state Attorneys Generals, the U.S. Department of Health and Humans Services’ Office for Civil Rights (HHS-OCR) and the Federal Trade Commission (FTC).

Sian has counseled organizations from an array of industry groups, with an emphasis on healthcare and life sciences, professional services and financial services. In addition to her incident response practice, she also provides proactive and pre-incident counsel on data privacy and information security Advisory Compliance solutions tailored to the organization’s profile. She also has extensive litigation experience, most recently as an Assistant District Attorney, having tried more than 30 felony jury trials and over 100 felony bench trials.

SPEAKING ENGAGEMENTS & PRESENTATIONS

• “Today’s State of Cybersecurity,” Berks County Intermediate Unit Cyber Insurance & Incident Response Workshop and Forum, Reading, PA, January 12, 2023
• “Cyber Resilience for Contractors,” 2022 IRMI Construction Conference, Las Vegas, NV, November 16, 2022
• “Today’s State of Cybersecurity,” Segal’s 16th Annual Multiemployer Summit, Tempe, AZ, October 12, 2022
• “State of the Market: Cyber Claims Evolution,” Mullen Coughlin/Tracepoint CLE/CE, Devon, PA, September 29, 2022
• “Cyber Panel,” Edison Electric Institute Risk Management Committee Meeting, Orlando, FL, March 1, 2022
• “Legal Aspects and Ramifications of a Data Privacy and Security Incident,” Media Financial Management Association, Virtual, January 20, 2022
• “Cyber Security,” Cetera Financial Group, Virtual, April 7, 2021
• “Vendor Breaches,” International Insurer, September 24, 2020.
• “The Impact of COVID -19 on Cyber Security: Is Your Organization Prepared?,” International Insurer, Virtual, April 30, 2020
• “Cyber Updates,” International Insurer, Miami FL, November 19, 2019
• “Legal Issues That Arise in the Field of Data Security. What Is It Like To Be An Attorney in the Data Privacy Sector?,” University of Connecticut School of Law, Hartford, CT, October 7, 2019
• “Ransomware & How It’s Handled,” International Insurer Broker Meeting, Salt Lake City, UT, September 17, 2019
• “SEC FINRA,” Continuing Legal Education, Wayne, PA, August 21, 2019
• “California Regulations,” Continuing Legal Education, Wayne, PA, June 27, 2019
• “Issue-Spotting and Event Triage Prep,” Continuing Legal Education, Wayne, PA, May, 13, 2019
• “GDPR Impact on U.S. Based Companies,” 2018 PLUS Conference, San Diego, CA, November 9, 2018
• “Incident Response, Working with Counsel, and Navigating a Cyber Claim,” Cyber COPE Insurance Certification for International Insurer, Washington, DC, November 7, 2018
• “You Are Probably Breaking Privacy Laws,” Self-Insurance Institute of America National Educational Conference & Expo, Austin, TX, September 25, 2018
• “Global & Domestic Regulations in Data Privacy,” International Broker, Virtual, August 8, 2018
• “Current Threat Landscape: Where we are in Cyber Risk,” Women’s Leaderboard Conference for International Insurer, Philadelphia, PA, June 5, 2018
• “Cyber Insurance Essentials and Trends,” North American Contingency Association Annual Conference, Nashville, TN, May 23, 2018
• “Data Breach Response Team – Working with a Breach Coach and Forensic Investigator in the Investigation and Response to a Data Breach Event,” Annual Best Practices Workshop for Client of International Broker, Marlton, NJ, November 1, 2017
• “Paying the Price: Selling Your CFO on Cybersecurity,” SANS Data Breach Summit, Chicago, IL, September 26, 2017
• “Cyber: Prepare, Prevent, Mitigate, Restore,” Cybersecurity Symposium for International Insurer, Dallas, TX, October 3, 2016
• “Data Privacy Table Top Scenarios,” Caribbean Insurance Conference, Paradise Island, Bahamas, June 5, 2016
• “Cyber: Prepare, Prevent, Mitigate, Restore,” Cybersecurity Symposium for International Insurer, Los Angeles, CA, April 27, 2016
• “Cyber Breaches: What Do You Do When the Urgent Call Comes?” Broker Event for International Insurer, Los Angeles, CA, March 24, 2016
• “Breach Impact: From the First Claim through Resolution,” Privacy XChange Forum, Paradise Valley, AZ, October 25, 2015
• “Cyber Liability,” PRIMA Conference, Sarasota, FL, October 13, 2015