Expertise
Our Cybersecurity team is comprised of lawyers and professional staff who have a deep level of expertise and experience in handling cybersecurity attacks and data breaches and who have acted in a number of high profile and complex matters in recent years.
The team is regularly instructed in the immediate aftermath of a cyber-attack or data breach to advise on the legal and regulatory steps to be taken and to guide the board and senior management of an organisation through the containment, mitigation, investigation and resolution stages of a cyber-attack or breach.
Cybersecurity is a business-critical issue and is a key part of an organisation’s overall risk management strategy. The cyber threat landscape is evolving rapidly and when cyber-attacks occur, time is of the essence as there is an urgency to deciding a number of key issues including: data privacy and regulatory reporting; legality of ransom payments; insurance coverage; commercial considerations; assessment of commercially sensitive, personally identifiable information (“PII”), privileged or customer information is at risk of being leaked etc. This assessment often runs in parallel with a data extortion ransom request from threat actors requiring expedited consideration and decision making within a key crisis management stakeholder group.
Our team is complimented and supported by our Legal Tech Services Group.
OUR CREDENTIALS
Our team has the expertise, experience, and capability to provide the following services both in preparation for and in the aftermath of an attack, working with an organisation’s, board, senior management and legal teams, forensic advisers, insurers and ransomware negotiators on:
- steps for containment, mitigation and investigation of a cyber-attack or breach including seeking injunctive relief as necessary;
- ongoing rapid triage and data analytics to access information potentially at risk;
- advising on the legal and regulatory notifications to be issued, including coordinating corporate communications where necessary;
- co-ordinating with An Garda Síochána Cyber Unit and the National Cyber Security Centre on the reporting and investigation of an attack where required;
- advising on any legal implications from the payment of a ransom and advising on corporate governance obligations;
- monitoring the ‘dark web’ for any release of compromised data and liaising with online platforms for the prevention and removal of any compromised data being published online;
- reviewing compromised data through the use of an advanced artificial intelligence platform to identify the categories of affected data and persons; and
- advising on any legal claims or proceedings arising from the breach or incident e.g. negligence claims against third party providers and/or defence of compensation claims from affected individuals or other third parties.
Our team also advises on ‘cyber-readiness’ programmes, providing training through scenario-based case studies and workshops to illustrate a real-life sense of the typical anatomy of a cyber-attack and how to respond. The team also conducts reviews of relevant internal policies and procedures, having regard to any current or upcoming legal obligations and best practices under the EU General Data Protection Regulation and associated guidance and under the NIS Directives.
Tier One – Data Privacy and Data Protection
“The team is market-leading in terms of the depth of its technical knowledge, experience in relevant sectors (especially in working with tech companies), and the level of its service.”
“The technology team at Arthur Cox is a market leader in the data privacy and protection space. Sound advice, technical understanding and a deep understanding of the regulatory regime make them the stand-out firm in the area.”
The Legal 500, 2023
“The team at Arthur Cox is very proactive, approachable, and practical.”
“Always available and prepared to go the extra mile.”
"No matter what arose in the case, Arthur Cox had the answers."
Chambers Global, 2023
Find out more: