Not only are major data breaches now often resulting in regulatory investigations and fines, but cyber security has even been promoted to a geo-political issue affecting international trade in technology products.
The focus on cyber security has led it to feature regularly in the list of top three issues that are considered at board level for our clients. The range of activities that clients are navigating to ensure they comply with legal requirements and mitigate risks is expanding.
Why choose our Cyber Security lawyers?The Fieldfisher cyber team has dealt with hundreds of incidents and breaches. We are one of the few European law firms with specialist expertise and a long successful track record in cyber work.
A combination of high profile data breaches in recent times, and new laws like the EU's General Data Protection Regulation and the Directive on the Security of Network and Information Systems, have changed the landscape of cyber security forever.
Fieldfisher is one of few firms that takes a holistic, multi-disciplinary approach to cyber work. Centred on our core Privacy and Information Security Practice, we have a successful track record in helping our clients comply with legal and regulatory requirements, as well as prepare for and manage incidents when they occur. We regularly help clients with their data security and incident response policies, provide tabletop training on how to handle cyber incidents and, of course, assist with real life data incidents and breaches.
From our experience, cyber security is not only about having compliant policies and notifying breaches to regulators when required by law. Clients need practical advice on what other companies do in terms of best practice and what issues regulators will or will not tolerate.
Increasingly, businesses need a range of complementary services, including:
- Advice on directors' duties and data governance
- Assistance in reviewing their insurance policies and considering what coverage they should have or what they should commit to in their customer and supplier contracts
- HR support in order to monitor threats affecting employees, investigating incidents and, where necessary, taking disciplinary action
- Help ensuring that best practices are implemented in information security in transactions, including appropriate diligence in mergers and acquisitions, financing arrangements and technology and commercial contracts
- Advice on sector-specific regulation that builds on general privacy laws, including regimes in areas such as financial services and telecommunications
- Assistance in managing disputes that arise as a result of cyber security incidents and loss of data
- Advice on cyber security certification regimes, including the EU's new Cybersecurity Act
- Help with specialist cyber security contracts, ranging from penetration testing through to broader outsourcing information security and security operations services
- Advice on mergers and acquisitions and financings of specialist cyber security businesses