We provide comprehensive support for clients that have experienced a cyber incident or fallen victim to cybercrime. We advise on crisis management and incident mitigation (risk assessment, reporting to the authorities, coordination with experts in IT forensics and data security, and liaising with law enforcement).
We represent clients in criminal, civil and administrative proceedings related to cyber incidents, including investigations into the causes, resolving the financial impacts, and defending against administrative fines for failure to comply with regulatory obligations.
We advise on all key cybersecurity regulations, such as the EU’s Digital Operational Resilience Act (DORA), the Network and Information Systems directives (NIS1/NIS2), the National Cybersecurity System Act, and the European Cyber Resilience Act. We conduct applicability verification, gap analysis, and full implementation projects.
We assist clients in developing contractual instruments for ensuring appropriate cybersecurity standards in dealings with key customers and suppliers, and support clients in negotiations with suppliers of key IT solutions.
We examine cybersecurity aspects in M&A transactions and due diligence processes, particularly for regulatory compliance of the entity under review and its existing cybersecurity contractual arrangements.