Our experience - Examples of our work include
advising a range of clients
on all aspects of their cyber preparedness, including risk assessments, policies and procedures, third party mitigations, Board briefings, war games and more.
advising Capita
(as replacement counsel) on all aspects of its very high profile data incident.
advising a multinational jeweller
with its response to a ransomware attack which saw confidential details of employees and clients (some of whom were extremely high-profile individuals) shared on the dark web.
A global regulated organisation
on the response to the largescale compromise of commercially sensitive and personal information in over 140 countries (including on related injunctions and criminal proceedings)
a supplier to the NHS
on one of the largest losses of sensitive personal data in the UK, involving over a million records. As a result of our prompt advice and our client’s quick implementation of mitigations, no regulatory action was taken and the client was not obliged to notify any individual data subjects of the data loss
a global IT provider
on the unauthorised extraction of personal account details (including log in details, passwords and burglar alarm codes) of tens of thousands of individuals, by a disgruntled employee with previously undiscovered Islamic extremist sympathies. The details extracted included those of close family members of three heads of state, less than two weeks prior to a major inter-governmental conference. Our support involved close liaison with law enforcement and specialist agencies in three European states and resolution of a significant related commercial dispute
a number of global, U.S.-based financial institutions
on their notification strategies with data protection authorities in relation to the loss of back-up tapes being transported by subcontractors to long-term storage, some involving many millions of UK customer details
a German bank
before the competent data protection supervisory authority regarding an alleged large-scale unauthorised data loss
an information service company
on the loss of millions of sets of personal data due to a hacker attack and preparing the defence before the competent data protection supervisory authorities
-
advising a range of clients
advising a range of clients
-
advising Capita
advising Capita
-
advising a multinational jeweller
advising a multinational jeweller
-
A global regulated organisation
A global regulated organisation
-
a supplier to the NHS
a supplier to the NHS
-
a global IT provider
a global IT provider
-
a number of global, U.S.-based financial institutions
a number of global, U.S.-based financial institutions
-
a German bank
a German bank
-
an information services company
an information services company
Insights
Cyber security series: doomsday prepping
Thursday 1 December 2022, 13:00 to 14:00 GMT
Location: Global
With the frequency, scale and cost of cyber attacks growing rapidly, focus on cyber from boards, stakeholders, regulators and the media has never been more acute. Legal teams are, more than ever, being relied on to help their organisations adequately prepare for cyber incidents.
On 1 December 2022 at 13:00 GMT join our team of experts to discuss our essential checklist of tools and practices for cyber preparedness.
The webinar will end with a Q&A session during which you will be able to raise your questions with our speakers.
DOJ Fires Shots Across the Bow; Announces Two Major Cyber Initiatives
11 October 2021
On October 6, 2021, Deputy Attorney General (“DAG”) Lisa Monaco announced two major Department of Justice (“DOJ”) initiatives—involving both DOJ’s Civil and Criminal Divisions—confirming the DOJ’s commitment to finding and prosecuting cybercrime.
US - The SEC makes its mark on cyber
2 September 2021
The SEC is done playing around. This summer it has demonstrated its resolve bringing actions against public companies for alleged poor disclosures, and against SEC registrants for alleged poor cybersecurity controls.
Biden Administration takes on global corruption with first National Security Memorandum and Latin America Task Force
11 June 2021
President Biden has directed numerous U.S. federal agencies to develop a unified strategy to combat global corruption, which he has identified as a core national security interest. Among other key priorities, the administration’s fight against corruption will focus on the illicit use of cryptocurrencies, cybercrime, and offshore financial secrecy.
Three lessons from the Colonial Pipeline breach
17 May 2021
We look at the shutdown of the US Colonial Pipeline following a ransomware attack and key lessons to learn from this attack.
China: Key pointers on the Cybersecurity Law
17 May 2021
Mainland China’s Cybersecurity Law marks not just heightened security requirements but also a change in approach to the enforcement of data protection laws. We consider the current state of play.
The ongoing battle over the right to be forgotten
21 January 2019
A search on someone’s name in Google reveals a great deal about them. This might include where they work or went to school, as well as more private information such as their religion, sex life, or criminal convictions.
EU – The implementation of the “Cyber Security” Directive
27 September 2018
In July 2016, the EU adopted the so-called “Cyber Security” Directive. Digital service providers and companies that operate essential services must protect their information technology systems and notify security incidents to the appropriate regulator.
UK - Data breach round up: Liability in an indeterminate amount to an indeterminate class?
29 October 2018
This year has brought sweeping changes to the way businesses must respond to data breaches. There are new obligations to notify regulators of data breaches and significant decisions on liability in the Morrisons and Lloyds judgments.
