BREACH HOTLINE
844-885-1574

Professionals

J Mullen

John F. Mullen

Chief Executive Officer
426 W. Lancaster Avenue, Suite 200
Devon, PA 19333

Office: (267) 930-4791

Education

Arizona State University College of Law
Juris Doctor

The Pennsylvania State University
Bachelor of Science

Admission

  • Pennsylvania
  • New Jersey

Practice Areas

Professional Memberships

  • Council on Litigation Management
  • Defense Research Institute (DRI)
  • Federation of Defense & Corporate Counsel

John F. Mullen, Sr. is a founding partner of Mullen Coughlin and is the Firm’s Chief Executive Officer (CEO). For over 22 years, John has been focused on data privacy and security law, particularly with the development and advancement of incident response practices within the cyber insurance ecosystem. He is nationally recognized in data privacy and security, incident response and cyber insurance specialties.

As CEO, John is responsible for setting the strategic direction of the Firm and overseeing its day-to-day operations. He is committed to providing clients with the highest and most sophisticated level of legal counsel. He works diligently to foster a team of respected attorneys to advance that commitment to excellence throughout the legal, cybersecurity and cyber insurance industries.

Under John’s leadership, since Mullen Coughlin’s founding in 2016, the Firm has grown to over 115 attorneys and is recognized as the leading data privacy and security law firm in the United States by clients and industry peers. Since 2016, John and the firm responded to 25,000+ data privacy and security incidents; counseled thousands of organizations on pre-incident Advisory Compliance solutions; and defended thousands more in security/privacy litigation and regulatory investigations.

John is dedicated to staying at the vanguard of developments and emerging issues. He is a sought-after speaker at nationwide and global conferences on the topics of data privacy, information and network security and cyber insurance. He regularly presents to executive leadership teams of the Firm’s cyber insurance carrier and broker partners on trends and best practices. He has been published and quoted in numerous publications as a skillful practitioner on cyber-related issues. These engagements strengthen the Firm’s relationships with new and existing industry partners and position Mullen Coughlin as the premier data privacy and security law firm for organizations of all sizes and across all industry groups.

Prior to founding Mullen Coughlin with Jennifer A. Coughlin, Chris DiIenno and Jim Prendergast (deceased), John was a Partner at a full-service law firm and Chair of their Data Privacy and Cybersecurity practice group. He holds a J.D. from the Arizona State University College of Law, a B.S. from the Pennsylvania State University and is licensed to practice in Pennsylvania and New Jersey.

SPEAKING ENGAGEMENTS & PRESENTATIONS

  • “What’s on the Horizon: Cyber Readiness and Insurance Projections for 2023,” NFP Cyber Readiness Webinar, Virtual, January 12, 2023
  • “The Key Issues in Cyber Insurance,” KBW Experience, New York, NY, May 9, 2022
  • “Emerging Issues in Cybersecurity & Data Privacy,” ABA/TIPS Cybersecurity and Data Privacy Conference, Atlanta, GA, March 4, 2022
  • “HACKED! What Happens Next? Be Prepared to Respond,” Lyons Companies, Wilmington, DE, February 10, 2022
  • 2021 Claims & Losses Update,” 2021 NetDiligence Cyber Risk Summit, Santa Monica, CA, October 6, 2021
  • “Research Summit: Getting Hacked – IoT and Beyond”, Live Panelist, International Insurer Summit, Consumer Electronic Show, Las Vegas, NV, January 7, 2019
  • “Meeting the New Challenges of Cyber Insurance Coverage: Think You’re Covered? Think Again”, Webcast Panelist, National Brokerage, Philadelphia, PA, December 13, 2018
  • “The Cost of Cyber Crime – Understanding the Basics of Breach Response”, The Fidelity Law Association 2018 Annual Conference, Keynote Speaker, Philadelphia, PA, November 7, 2018
  • Internal Training to Claims and Underwriting Teams, Webinar Panelist, National Insurer, October 8, 2018
  • “Cyber Update”, Invited Guest Speaker, Internal Training, International Insurer, Hartford, CT, September 26, 2018
  • “Claims Update”, Invited Guest Speaker, Internal Training, National Insurer, New York, NY, September 20, 2018
  • “Cyber Claims/Underwriting Update”, Invited Guest Speaker, National Underwriting Leaders Meeting, National Insurer, Parsippany, NJ, August 14, 2018
  • “Cyber Practitioners Around the World”, Live Panelist, International Brokerage, New York, NY, May 30, 2018
  • “Cyber Update”, Invited Guest Speaker, Preferred Agent Conference, International Insurer, Newport Beach, CA, May 1, 2018
  • “State of Cyber Risk”, Webinar Panelist, Municipal Consortium, April 26, 2018
  • “Today’s Cyber Landscape”, Webinar Panelist, National Insurer, April 24, 2018
  • “Blockchain” Guest Panelist, International Brokerage, Radnor, PA, March 13, 2018
  • “Cyber Update”, Invited Guest Speaker, Preferred Agent Meeting, International Insurer, Orlando, FL, March 6, 2018
  • “What’s Trending in Cyber Claims” Guest speaker at Carrier Claims Conference, National Carrier, Lake Oconee, GA, February 22, 2018
  • Cyber Team Training – Claims Team, International Insurer, Hartford, CT, January 19, 2018
  • “Anatomy of a Breach” Internal Underwriting and Claims Training for International Brokerage, Chicago, IL, January 2018,
  • “Cyber Security and your Business: Mitigate the Risk” Webinar Panelist, December 5, 2017
  • Internal Training, Claims Group, International Insurer, Lake Oconee, Greensboro, GA, November 14, 2017
  • “Cyber Hot Topics: Claims and Trends” Roundtable discussion – Guest Speaker for National Insurer, Atlanta, GA, November 1, 2017
  • “Regulatory Update!”, Webinar, Guest Speaker, International Brokerage, October 25, 2017
  • Invited Speaker at Insurance Producers Meeting, International Insurer, New York, NY, October 24, 2017
  • Cyber/E&O Team Discussion, Invited Speaker, International Brokerage, October 18, 2017
  • “Cyber and Privacy Insurance – An Enterprise Risk Hedge, New York Metro Joint Cyber Security Conference, Panelist, New York, NY, October 5, 2017
  • “Cybersecurity Best Practice Roundtable”, Invited speaker, M&A East Conference, Philadelphia, PA, October 4, 2017
  • “Debunking Myths about Insurance, How Security and Insurance are actually hitting it off”, Webinar Panelist, September 27, 2017
  • “The Evolving Cyber Landscape”, Guest Speaker, Group Client Conference International Insurer and International Brokerage, Asheville, NC, September 6, 2017
  • “The Evolving Cyber Landscape” Guest Speaker, International Brokerage, Ashville, NC, September 6, 2017
  • “Cyber Summit” Invited Speaker, New Jersey Municipal Pool, Union, NJ, July 20, 2017
  • Internal Training to Claims and Underwriting Teams, International Insurer, Invited Speaker, New York, NY, July 18, 2017
  • Internal Training to Claims and Underwriting Teams, International Insurer, Invited Speaker, New York, NY, July 17, 2017
  • “What to Do in the Event of a Breach” Webinar Panelist, May 23, 2017
  • “It’s Happened.. Who Gets the First Call… and the Second?” Panelist, Advisen Cyber Insights 2017, Chicago, IL, May 16, 2017
  • “New York State Department of Financial Services – Cybersecurity Requirements for Financial Services Companies” Keynote Speaker, 2017 Financial Institution Symposium, New York, NY, May 9, 2017
  • Internal Training to Claims and Underwriting Teams, Webinar, International Insurer, New York, NY, May 4, 2017
  • “Cyber Update – The Evolving Landscape”, Guest Speaker at International Insurer Advisory Board Meeting, New York, NY, May 3, 2017
  • “Cyber Update”, Webinar, Internal Training at International Insurer, May 1, 2017
  • Internal Training, Tabletop Exercise, Guest Presenter at International Insurer, Windsor, CT, April 26, 2017
  • 2017 PLUS Cyber Symposium, Program Co-Chair, Chicago, IL April 5-6, 2017
  • “The Evolution of Cyber Risk”, Instructor Continuing Legal Education at International Insurer, Whitehouse Station, NJ, March 27, 2017
  • “Cyber – What’s New”, Cyber Brokerage Team Guest Speaker, International Brokerage, Chicago, IL, February 22, 2017
  • “Cyber and Healthcare – Roundtable Discussion”, Nationally based Pediatric Hospital Association, Washington, DC, February 6, 2017
  • “CyberRisk – After the Breach”, Guest Panelist, International Insurer Annual Meeting, Beaver Creek, CO, February 2, 2017
  • “Cyber Roundtable Discussion”, Guest Speaker, International Brokerage Firm, Reston, VA, January 26, 2017
  • “Cyber Market Condition Update”, Guest Speaker, International Brokerage Firm, New York, NY, January 11, 2017
  • “HIPAA Update”, Internal Training to Claims and Underwriting Teams, Guest Speaker, International Insurer, Jersey City, NJ, December 19, 2016
  • “Cyber Update”, Internal Training to Claims and Underwriting Teams, Guest Speaker, International Insurer, New York, NY, December 7, 2016
  • “Changing Tactics in Cyber Crime”, Panel Moderator, PLUS Cyber Symposium, Chicago, IL, November 11, 2017
  • Internal Training to Claims and Underwriting Teams, Guest Speaker, National Insurer, New York, NY, November 7, 2016
  • Internal Training to Claims and Underwriting Teams, Guest Speaker, International Insurer, Farmington, CT, November 2, 2016
  • Mock Breach Coach Call Exercise, Guest Speaker, Internal Training at International Insurer, November, 1, 2016
  • “Cyber Q&A”, Webinar, Nationally based Insurer, October 25, 2016
  • Internal Training to Claims and Underwriting Teams, Guest Speaker, International Insurer, New York, NY, October 6, 2016
  • “Dude – Who Swiped My Card?”, Moderator, PLUS, New York, NY, September 27,2016
  • “Cyber Risk: Threat & Legal Landscape” Webinar Panelist, September 23, 2016
  • “What YOU Need to Know and How to Protect Your Bank, Employees and Customers”, Panelist, Vail, CO, September 22, 2016
  • Internal Training to Claims and Underwriting Teams, National Brokerage, Denver, CO, September 12, 2016
  • Live Guest Speaker at Technology/Media Team Meeting, International Insurer, Chicago, IL, September 20, 2016
  • Internal Training to Claims and Underwriting Teams, International Insurer, New York, NY, September 9, 2016
  • Internal Training to Claims and Underwriting Teams, National Insurer, New York, NY, July 26, 2016
  • “Cyber 101 and Beyond”, Internal Training to Claims and Underwriting Teams, National Insurer, July 26, 2016
  • “Cyber Incidents: Not a Matter of If or When…but How”, Webinar Panelist, International Insurer, July 20, 2016
  • “Cyber Risk Mitigation”, Live Panelist, International Brokerage, Garden City, NY, July 19, 2016
  • “Cyber: Prepare, Prevent, Mitigate, Restore”, Live Panelist, International Insurer, Capitol Hill, Washington, DC, June 17, 2016
  • “Data Privacy”: Payment Card Industry (PCI) Issues”, Internal Training to Claims and Underwriting Teams, International Insurer, Jersey City, NJ, June 16, 2016
  • “State of Litigation” Live Panelist, HB Litigation NetDiligence Cyber Forum, Philadelphia, PA, June 7, 2016
  • “The World of Cybercrime: No Longer a Hobby but a Full Time Job”, Live Panelist, International Insurer, West Harrison, NY, May 17, 2016
  • “The Cyber Insurance Journey”, CyberPro Webinar Series for International Insurer —Webinar Panelist, May 17, 2016
  • “HIPAA Privacy and Security”, Live Panelist for Municipal Consortium, San Antonio, TX, May 5, 2016
  • “Small Business — Am I Really Exposed”, Live Panelist, ExecuSummit, April 20, 2016, Uncasville, CT
  • “CyberLiability Solutions Help Healthcare Providers Avoid Costly Data Breaches”, Webinar Panelist, April 6, 2016
  • “CyberRisk — What We Know”, Webinar Panelist, International Insurer, March 16, 2016
  • “Cyber Road Show”, Live Panelist, International Insurer, Chicago, IL, March 8, 2016
  • “Top 20 CyberSecurity Checklist”, Live Instructor, Continuing Legal Education Program, New York State Bar Association, New York, NY, March 1, 2016
  • “CyberRisk and Financial Institutions”, Live Panelist, International Insurer, Chicago, IL, February 24, 2016
  • “Security Breach Best Practice” Live Instructor, Continuing Legal Education, International Insurer, Chicago, IL, November 4, 2015
  • “Cyber Claims — Training and Development”, Live Panelist, International Insurer, Morristown, NJ, October 29, 2015
  • “CyberSecurity in Commercial Aviation”, Live Panelist, Senate Building, Washington, DC, October 27, 2015
  • “New Developments in Data Privacy Law”, Live Panelist, International Insurer, New York, NY, October 22, 2015
  • “Data Security — What to Do Before, During and After a Breach”, Webinar Panelist, October 22, 2015
  • “HIPAA Data Breaches: Issues and Considerations for Pools, Live Panelist for Municipal Consortium, Annapolis, MD, October 19, 2015
  • “Managing Cyber Risk” Webinar Panelist, International Retailer Association, October 14, 2015
  • “Cyber Claims & Loss Updates”, Panel Moderator, HB Litigation NetDiligence Cyber West, Santa Monica, CA, October 6, 2015
  • “Hacked: The Realities of a Cyber Event”, Live Panelist, International Insurer, Washington, DC, October 1, 2015
  • “Preparing for a Breach — A Proactive Stance”, Live Panelist, Security Leaders Summit, New York, NY, September 22, 2015
  • “Data Breaches and On-Line Companies”, Guest Speaker, Sirius Radio, September, 21, 2015
  • “Cyber Liability: Understanding PCI Standards to Protect Your Merchant Clients After a Breach”, Webinar Panelist, September 15, 2015
  • “Cyber Immersion,” Live Panelist, International Insurer, New York, NY, March 10, 2015
  • “Cyber Risk, Threats, Loss Control, Liability & Claims – An Overview,” Live Panelist, PAISBOA, Radnor, PA, March 16, 2015
  • “Trends in Cyber Liability,” Live Panelist, International Insurer, New York, NY, March 19, 2015
  • “Are Data Breaches a Real Concern? Protecting Your Sensitive Information,” Live Panelist, DeWitt Stern, New York, NY, March 24, 2015
  • “The Evolving Liabilities: Cyber, Privacy & Security Exposures,” Live Panelist, Arc Excess and Surplus, New Haven, CT, February 25, 2015
  • “The Real Cost of a Data Breach,” Webinar Panelist, January 12, 2015
  • “What Insurance Professionals Should Know About the Cyber Risks of Small and Medium Sized Businesses,” Live Panelist, AM Best Live Video, December 18, 2014
  • “Cyber Risk: An Overview on Threats, Loss Control, Liability & Claims,” Webinar Panelist, Hub International, December 12, 2014
  • “Information & Network Security- Cyber,” Live Panelist, Marsh & McLennan, New York, NY, December 10, 2014
  • “Practical Strategies to Address Cyber Risk in Your Business: What Boards, Business Owners and General Counsel Need to Know Now,” Webinar Panelist, November 18, 2014
  • Cyber Risk Insights: Breach Table Top,” Webinar Panelist, Advisen, Ltd., October 17, 2014
  • “Cyber Crystal Ball,” Live Panelist, Claims and Litigation Management (CLM) Conference, New York, NY, October 15, 2014
  • “Claims, Claims, Claims: Claims & Loss Updates,” Panel Moderator, NetDiligence Cyber West Forum, Santa Monica, CA, October 8, 2014
  • “Scared Straight, Don’t Let Your Cyber Liabilities Take You Off Course,” Webinar Panelist, AmWINS Group, September 17, 2014
  • “Cyber Risks in the Board Room and Beyond,” Panel Moderator, International Insurer, Lafayette Hill, PA, July 31 2014
  • “Data Breach – Your Residents, Clients, Customers, Students & Patients Data is for Sale! How did you get there and what do you do now?”, Live Panelist, RIMS, Naples, FL, July 30, 2014
  • “Privacy and Data Security Risks Under the Insurance Umbrella,” Philadelphia I-Day: Finding Advantage in a World of Change, Panelist, March 22, 2012
  • “Network Security and Privacy Panel,” Media Financial Management Association (MFM) 2012 CFO Summit, February 22, 2012
  • “Cyber Liability the Sequel: One Year Later, What’s Changed?” A.M. Best Company Webinar, February 1, 2012
  • “The Globalization of Privacy Legislation,” Professional Liability Underwriters Society (PLUS) 2011 International Conference, November 3, 2011
  • “State of the Cyber Nation Address,” NetDiligence West Coast Cyber Risk & Privacy Liability Forum, Panelist, October 4, 2011
  • “Assessing and Responding to a Data Breach: From Start to Finish,” American Conference Institute (ACI) 5th Annual Advanced Forum on Cyber & Data Risk Insurance, Co-Presenter, September 27, 2011
  • “Privacy and Network Risk Exposures, Court Cases, Insurance and More,” CPCU Society Webinar, May 26, 2011
  • “Data and Network Security (Cyber) Risk Identifying, Assessing and Combating the Exposures,” TMPAA Mid-Year Meeting, May 11, 2011
  • “A Discussion on Legal and Technology Risk Management & Risk Transfer,” Risk and Insurance Management Society (RIMS), Delaware Valley Chapter, Co-Presenter, February 8, 2011
  • “What Professionals Should Know About Cyber Liability,” A.M. Best Company Webinar, January 27, 2011
  • “Data Breach Preparedness – Understanding the Risk and Preparing for the Crisis,” In-House Presentation for an International Insurer, January 26, 2011
  • “Electronic Media (Cyber) Litigation,” CPCU Society, Philadelphia Chapter, October 19, 2010
  • “Data & Network Security (Cyber) Risk – Identifying, Assessing and Combating the Exposures,” CPCU Society Annual Meeting, September 28, 2010
  • “Assessing the Impact of Recent Litigation Over Privacy/Security Breaches Current Theories of Liability and Claims,” Cyber and Data Risk Insurance, September 27, 2010
  • “Cyber Liability in the Health Care Sector: Best Practices for Risk Management and Identifying Industry-Specific Exposures,” Webinar, July 21, 2010
  • “Issues in Risk Management: Privacy and Data Breach Understanding the Risk and Managing a Crisis,” July 20, 2010
  • “Risk Management for Data Security and Privacy Exposures,” Webinar, July 15, 2010
  • “Network Security and Data Privacy: Past, Present and Future,” July 13, 2010
  • Data Breach Liability: An Unstable Legal Environment,” HB Litigation, The NetDiligence® Cyber Risk & Privacy Liability Forum, June 7, 2010 – June 8, 2010
  • “Issues in Risk Management: Privacy & Data Breach – Understanding the Risks and Managing a Crisis,” New York Chapter – RIMS, May 20, 2010
  • “Positioning to Win,” In-House Presentation for an International Insurer, May 18, 2010
  • “Issues in Risk Transfer: Contractual and Common Law Indemnification,” Webinar, May 18, 2010
  • “Network Security and Data Privacy: Past, Present and Future,” In-House Program for an International Insurer, May 5, 2010
  • “Data Breach Events: Before and After,” Webinar, May 5, 2010
  • “The Risk Managing of Data Security & Breaches in Health Care,” Webinar, March 31, 2010
  • “Online Social Networks and Cyber Risk? Here in the Facebook Era the Topic is Looming Large as is the Interface with Policyholders, Carriers and Cyber Risk Coverages,” 2010 ABA/TIPS ICLC Meeting, Co-Presenter, February 25, 2010 – February 27, 2010
  • “Network Security/Cyber Law,” Webinar, February 24, 2010
  • “Network Security and Privacy 101: An Introduction and Primer on Information Loss,” RIMS Ohio River Valley Chapter, February 19, 2010
  • “Data/Cyber Risk: Assessing, Identifying & Combating the Exposures,” NLdH Complex Litigation Seminar, November 5, 2009
  • ACI Cyber/Data Risk Insurance Conference, Featured Speaker, Philadelphia, PA, September 16, 2009 – ­September 17, 2009
  • “Cyber Law,” Professional Liability Underwriting Society, August 7, 2009
  • “Chinese Drywall Litigation and Insurance Coverage Update,” July 28, 2009
  • “Chinese Drywall Litigation,” Lawyer 2 Lawyer, July 15, 2009
  • “Chinese Drywall Litigation,” HB Litigation Conferences, June 2, 2009
  • “Preparing for the Inevitable Data Breach,” Video Podcast, ACE USA, April 1, 2009
  • “Reducing Litigation Risk in a Digital Age,” ACG of Iowa, January 15, 2009
  • “Contracts,” Delaware Valley Association of Structural Engineers, October 15, 2008
  • “Information and Technology Risk: Challenges for a Connected World,” Gallagher Risk Management Services, June 16, 2008
  • “How E-Mail is Raising Your Lawsuit Risk,” National Electrical Contractors Association, May 16, 2008
  • “What You Need to Know to Avoid, Prepare for, Afford, Survive and Succeed in a Lawsuit,” Delaware Valley Association of Structural Engineers, April 30, 2008
  • “How Electronic Document Management Has Revolutionized the Construction Industry and How It Will Impact the Future,” General Building Contractors Association, 2008
  • “A Practical Guide for Preparing for and Managing a Lawsuit,” National Demolition Association, 2008
  • “E-Discovery,” ISOTECH, 2007

PUBLICATIONS

  • U.S. Department of Treasury Issues Updated Advisory on Facilitating Ransomware Payments,” September 24,2021
  • Can a Cyber Crime Cause ‘Bodily’ or ‘Personal’ Injury? Maybe in the Not-So-Far Future,” March 4, 2021
  • “From Weakest Link to Strongest Asset: Tackling Employee Negligence,” IAPP The Privacy Advisor, Co-Author, June 2016
  • “Inside Tennessee’s Revolutionary Data Breach Notice Law,” Law360, Co-Author, May 2016
  • “What Every CISO Needs to Know About Cyber Insurance,” White Paper – Symantec, Co-Author, May 2016
  • “Digging Deep: Fracking Litigation Trends,” Claims Magazine, Co-Author, February 1, 2012
  • “[Cyber] Space Invaders,” Best’s Review, Co-Author, December, 2011
  • “Aspatore Thought Leadership: Insurance Law 2011,” Co-Author, Aspatore Books, 2011
  • “Recognizing the Complexities of E-Discovery Preservation,” E-Discovery Connection, Co-Author, December 22, 2010
  • “New Interpretations of the Identity Theft Enforcement and Restitution Act Could Present Risks for Insurers,” Best’s Review, August 2010
  • “Reducing Liability for Insurers in Disaster Coverage Events,” Inside the Minds, Strategies for Structuring Insurance Disaster Coverage, Aspatore Books, 2009
  • “Risk Management 101,” Best’s Review, 2008
  • “The Electronic Paper Chase: What You Don’t Save Can Hurt You,” Constructor, 2008
  • “Insurance Coverage is Not One Size Fits All,” For Construction Pros, 2008
  • “Sorting Out Liability After a Disaster,” Structure, 2007

AWARDS & HONORS

  • Zywave Cyber Risk Industry Person of the Year – USA (2017, 2018)