Cyber Security
Cyber Security
At a time when the risk of being exposed to cyber attacks is constantly increasing, cyber security is crucial to protect both business and government actors. DLA Piper has specialised legal expertise within cyber security and assists businesses, boards and management with preventive work, preparedness and incident management following cyber attacks. In addition, we assist companies with contractual aspects and fulfilment of regulatory requirements related to cyber security.
Cyber attacks can potentially have serious consequences for an organisation. Examples include extensive downtime, production stoppages and loss of sensitive customer data. New regulations also impose increasingly stringent requirements on how organisations should handle cyber security. Failure to comply with these requirements can in some cases result in personal liability for board members and significant fines for the undertaking.
Cyber security and data management regulations:
The regulatory framework is complex and sector-specific, and consists of amongst others:
- Regulations for the security of network and information systems (NIS2 Directive)
- Regulations for ICT risk in the financial sector (DORA)
- Regulations for cyber security in products with digital components and software (Cyber Resilience Act)
- Data protection legislation (GDPR)
DLA Piper assists in charting which rules apply to different undertakings and how businesses can effectively comply with these rules.
Our experience is that a holistic and sector-specific approach to regulatory compliance is essential to save both time and resources. With in-depth knowledge of finance, insurance, technology and health care, as well as a multidisciplinary team of experts, we can assist to ensure seamless and efficient compliance with relevant regulations.
Our role as Breach Response Manager
DLA Piper has since 2020, held the role of "breach response manager" on behalf of a leading international insurance company. This entails amongst others, providing immediate assistance to Norwegian organisations that are exposed to cyber attacks. This role provides us with unique and up-to-date knowledge of current cyber risks and attacks, such as ransom demands, DDoS, phishing and insider incidents. Our practical experience makes us well-equipped to assist organisations to effectively prevent and manage cyber attacks.
- Incident management (cyber security incident response)
- Crisis management
- Basic cyber security training
- Preparation of routines, contingency plans, contracts and other necessary documents for the data security of your undertaking
- Compliance with relevant data management and cyber security regulations
- Protection of privacy in the event of a cyber attack