Worldwide cybersecurity counsel in real time
Ransomware and state-sponsored supply chain attacks and extortion are the new norm. We can help you address these challenges and more by advising on the legal risks associated with your cybersecurity systems, incident response protocols and mitigation best practices.
Our team is recognized among top-ranked international cybersecurity advisors, particularly in the US and EU. We deliver responsive, worldwide access, advice and critical resources 24/7. Our team includes former general counsels and chief compliance officers, insurance regulators, and commercial and government contracts attorneys.
We develop and implement proactive strategies that make sense for your operational integrity. We constantly refine our tactics to mitigate enforcement and reputational risk through continuous cybersecurity assessment.
“We resolve major cyber breaches that hit global headlines.”
We resolve major cyber breaches that hit global headlines. Whether a single country or multiple regions are involved, our incident response protocol is adapted to the regulatory and privilege requirements and culture of the country of origin and without creating risk elsewhere. We have lawyers around the world, so we can quickly identify and address incident root causes.
We represent you before global regulators and Data Protection Authorities. We litigate disputes in all jurisdictions involving data breach class actions, IP theft, financial fraud, commercial and employment disputes, D&O and securities actions, and product liability and personal injury resulting from cyberattacks. We defend your rights as a victim of cybercrime in criminal investigations and prosecutions. We are fluent in the regulatory and commercial requirements of supply chain cybersecurity management.
Awards and recognition
Case studies
Our global cyber team advised a leading technology platform in the FMCG sector to assess and improve its cyber resilience. We worked with the client to determine which cyber policies and controls should form part of our gap analysis including existing incident response policies, information security policies, cyber insurance policies, customer and vendor contracts (as they relate to cyber security), engagement terms with key third-party vendors supporting incident response, staff training, board training and table top exercises.
Openness is essential to ensure best advice, so as a preliminary step we worked with the client’s legal team to develop a confidentiality and privilege protocol. This required a consideration of a number of different jurisdictions’ laws on privilege. We then worked closely with the client’s information security, legal and compliance teams carrying out a review of the existing controls, policies and procedures forming part of the client’s cyber resilience posture.
We developed a bespoke board presentation, sharing lessons learned from incident response and advising on the board’s responsibilities regarding cyber resilience and incident response, informed in part by our own experience as a victim of the NotPetya malware attack. We also considered and advised on specific considerations for listed companies when reporting generally on cybersecurity matters in market updates and annual reports and when reporting in the event of a significant cyber event.
In addition to helping our client to improve the maturity of their existing cyber controls, by working closely with key stakeholders in legal, compliance and information security, we have established trust which is essential for effective incident response.
We advised a publicly listed company on its investigation, containment and remediation following a major malware infection resulting in the encryption of the large majority of the company’s servers. The threat actor demanded a ransom payment to release the encryption keys. In the very early stages of the attack we advised on key first steps, including preserving log files and engaging specialist cybersecurity investigators. We supported the client, mapping all likely affected data and then assessing notification obligations to markets, to data protection supervisory authorities, to law enforcement, to clients and to affected individuals. We helped the client establish discrete teams for the investigation, communications and notifications and remediation and to establish a governance framework and rhythm for regular update meetings to key stakeholders.
We supported the client with all required notifications and with voluntary notifications to the intelligence services and also acted as an intermediary for all external stakeholders including insurers, the police and the intelligence services. We managed the investigation by the cybersecurity forensics firm. We managed ongoing communications with data protection supervisory authorities, several of whom opened investigations into the incident and asked multiple follow-up questions. All of these investigations were closed with no adverse findings against our client.
Working alongside our client’s stockbroker, disclosure committee and legal team, we helped to prepare market updates throughout the investigation and at the conclusion of the incident.
In several cases servers had to be rebuilt and we advised the client team on legal considerations in relation to the remediation of networks and relaunch of services, in particular the legal standard of care as to when it is safe to switch a network back on.
Once the immediate incident was fully resolved and the client’s networks were all back up and running, we prepared a key findings and lessons learned report for senior stakeholders. We continue to act as standing breach counsel for our client and have advised on a number of less significant incidents since.
