Clifford Chance

Expertise & Experience

Find a Lawyer

In this section

Cyber security is now a board-level risk, not just an IT headache.

Legal support is essential in managing cyber risk. Clifford Chance has the commercially-minded legal experts to help you navigate the complex legal and regulatory framework that underlies this area.

Our global cyber security team can advise you on the full spectrum of cyber products to support your business with key developments in law and regulation. Areas in which we can support you include:

Due diligence

Our cyber experts will work with you to diligence your business, in order to develop a comprehensive cyber profile. This helps you to get to identify key cyber weaknesses, who your key stakeholders are and where your main data storage/processing takes place. We work with you to conduct a gap analysis and help you to reach minimum requirements on all global cyber laws and regulations. Our advice includes:

  • Technical and organisational security measures
  • Applicable law and regulation
  • Data mapping
  • Supply chain management
  • Diligence of M&A targets
  • Policies and procedures

Planning for an attack

We will work closely with your business to map your due diligence assessment against global regulatory requirements, to create a plan which enables a strategic and controlled incident response in the case of a cyber attack.

To ensure that your business is fully prepared, we will work with you on training and internal communications, as well as dry run war game exercises to assist with your response.

Responding to an attack

We are there to support you if an attack occurs. Our global network is available at all times through our 24 hour disaster hotline, and would work diligently with your business to implement your cyber attack plan. This includes ensuring that you engage with regulators within required time frames to comply with global breach notifications. Our advice includes:

  • 24 hour disaster hotline
  • Implementing the cyber attack plan
  • Regulator engagement and breach notification requirements
  • Crisis management
  • Maintaining legal privilege

Following an attack

We would use our extensive knowledge of your business to assist with your business recovery, following your cyber attack. Whether you are looking for a review of your cyber policies or responding with follow on litigation or enforcement, we have specialist advisors available globally to assist you. Our advice includes:

  • Review and recovery
  • Regulatory investigations and enforcement
  • Litigation and dispute resolution