Josh Brian is a Partner at Mullen Coughlin, focusing his practice on data privacy and security incident response and pre-incident Advisory Consulting services. Josh’s practice includes assisting organizations through the full lifecycle of the response to data privacy and security incidents, including the containment of the incident and investigation into how it occurred; operational restoration; and compliance with applicable state, federal, international and industry-related laws and regulations.

He has provided incident response counsel to both private and public organizations in such industries as retail/e–commerce; healthcare and life sciences; financial services; professional services; and government, including local and state agencies and Department of Defense (DoD) contractors.

REPRESENTATIVE MATTERS

• Coordinated legal assessments for notice in more than 40 countries stemming from a ransomware incident against a large technology company
• Provided incident response services to a large corporate organization after a business email compromise (BEC) incident impacted more than 50 email accounts
• Provided Payment Card Industry (PCI) incident response services for a retailer after a data privacy and security incident impacted its e-commerce platform
• Responded to a ransomware and BEC incident which led to an investigation by the U.S. Department of Health and Human Services’ Office for Civil Rights (HHS-OCR) 
• Advised and assisted dozens of corporate entities in responding to formal and informal regulatory inquiries related to data privacy and security incidents 
• Coordinated and managed on-site remediation services for an organization with a sprawling geographic infrastructure to mitigate business interruption and losses stemming from a large-scale ransomware incident 
• Developed a ransomware-specific Incident Response Plan (IRP) and conducted a ransomware preparedness training for a large healthcare organization