Strategies that make the most of technology bring significant efficiencies and growth opportunities, but also a range of risks.
Our global cyber security team comprises specialists who combine legal, technical and commercial expertise to help global corporates, utilities and financial institutions manage their cyber security.
We work with our clients across the full cyber security life cycle, helping to design and embed cyber security policies and procedures, including incident response planning, training and education. We also advise on regulatory compliance (such as financial services regulation and data protection), procurement and supply chain risk – including contractor vetting and cyber contractual provisions, and cyber issues in the context of corporate due diligence, joint ventures, projects and outsourcing.
We also work with in-house legal and technical teams in responding to incidents, and can coordinate or lead your response depending upon your requirements, as well as advising on regulatory notifications and reporting, best practice for working with regulators and law enforcement, litigation and recovery of assets. A number of our lawyers have technical backgrounds so are able to understand the technical causes and implications of cyber issues, as well as being able to work seamlessly with your internal IT teams or third party technical consultants.
We are also instructed by clients through ongoing cyber security retainers, so that we are available to advise on incidents or other issues at short notice. Our global dispute resolution practice is well placed to handle any litigation that arises from an incident.
Our practice covers three main areas:
Cyber risk management and advisory: Understanding, planning for and mitigating cyber risk is critical in reducing the impact of any breach. We help clients with drafting policies and procedures, training, contractual review, data protection compliance and policies, data retention, regulatory compliance, procurement (such as contractor vetting and contractual protections) and cyber insurance.
Incident response: We can be the primary point of contact for our clients, investigating and coordinating the response in conjunction with third party technical incident response teams as appropriate. We also advise on the legal issues that frequently arise from breaches such as data protection, employment law, intellectual property/confidential information, regulatory, insurance, health & safety and product liability. In particular, we can manage on your behalf necessary regulatory notifications and reporting, liaising with data protection authorities and working with law enforcement as appropriate. Please see our cyber security hotline page for more information.
Non contentious transactional and project work: Cyber security issues permeate many other fields of legal advice. We frequently advise on cyber security issues as part of, for example, transactional work, joint ventures, projects work and outsourcing.