Skip to main content

Clifford Chance

Clifford Chance
Cyber Security<br />

Cyber Security

Cyber Security is now a board-level risk

Cyber security is a board-level risk, not just an IT priority.

In a digital age where online threats are progressing at an unprecedented pace, our team of cross-practice cyber lawyers deliver robust advice and support to clients across the globe.

We combine technical expertise with an in-depth knowledge of the evolving global legal and regulatory cyber landscape. Our knowledge comes from extensive client work, engagement with industry forums and key relationships with regulatory authorities and policymakers.

Our lawyers work closely with an internal specialist forensic team, comprising experienced accountants and forensic technologists based in London and New York. This forensics capability provides key benefits for clients in cyber incident response and investigations, including malware and ransomware cases, insider threat, data loss and network intrusions.

Our extensive track record includes working for client across the full spectrum of cyber advice. We focus on your risk approach and alignment with your wider cyber and operational resilience strategy, on a three-pronged approach, targeting governance, engagement, and response.

Areas in which we can support you include:

Governance

  • Leadership:
    • Board risk oversight
    • Organisational risk tolerance and appetite
  • Strategy: 
    • Operating structure and model
  • Information risk:
    • Policies and standards
    • Third party management
    • Supply chain risk
    • Transactional exposure
  • Compliance risk:
    • Data protection and privacy
    • Reporting frameworks
    • Policy monitoring
    • Risk assessments

Engagement

  • Education: 
    • Security education and awareness
  • Architecture:
    • Business continuity planning
    • Security architecture mapping (TOMs)
    • Data mapping
    • Product security
  • Monitoring:
    • Legal risk monitoring and scoring
    • Horizon scanning
  • Incident preparation:
    • Practice exercises
    • Communication planning
    • Cyber incident plan design and refresh

Response

  • Security incident response:
    • Crisis management support
    • Complex internal investigations
    • Forensics and document management support
    • Notifications to authorities and law enforcement
    • Engagement with stakeholders and data subjects
  • Public enforcement:
    • Submissions and responses to regulators
    • Challenging adverse decisions, penalties and appeals
    • Regulatory engagement and policy
  • Private enforcement:
    • Litigation risk
    • Defending litigation
    • Vicarious liability considerations
  • Remediation:
    • Root cause and lessons learnt analysis
    • Governance remediation
    • Ongoing monitoring

Navigating cybersecurity and resilience in 2024

The global trend towards increased cybersecurity and resilience regulation will tighten existing requirements and affect a broader range of businesses than ever before. From updates in SEC and NYDFS cyber requirements, to Singapore’s proposed Cybersecurity Amendment Bill, our global panel featuring Megan Gordon, Holger Lutz, Oscar Tang, Alison Evans and David Olds examined developments in the US, APAC, Europe and the Middle East.

Find out more

Our clients say:

Clifford Chance are able to deal with issues on a global scale and are able to help us understand where the regulatory environment is heading to.

Chambers & Partners: Data Protection & Information Law

They are careful with complex and sophisticated matters but also very practical within their guidance.

Chambers & Partners: Data Protection & Information Law

Clifford Chance’s data protection, privacy and cybersecurity practice provides strategic advice that is informed by its experience working for clients across different industries.

Legal 500: Data Protection, Privacy & Cybersecurity

Insights

Explore our insights

Show more
  • Share on Twitter
  • Share on LinkedIn
  • Share via email
Back to top