All situations which can quickly spiral out of control if not handled with professionalism and efficiency, data breaches, IT failures and cyber attacks can cause serious and long-lasting damage to businesses. From risks of global reputational damage, to diminishing trust from key stakeholders, ensuring survival in the aftermath of a breach requires assistance from an experienced cyber security lawyer.
Specialists in cyber security law, the Womble Bond Dickinson team of cyber risk advisors work alongside companies from a wide range of industries, helping them to prevent attacks, minimise risks and manage exposures. Offering a comprehensive service which spans from proactive prevention and response strategies, to post-event management and investigations, clients from every sector can expect unparalleled assistance at every stage.
A leading voice in cyber security law, our team is uniquely composed of specialists from both the insurance and data protection sectors. This dual background ensures that our advice is fully-informed, and gives both insurers and their policyholders confidence in the knowledge that their legal advisors have a complex understanding of the myriad of risks which surround data breaches and cyber attacks.
Cyber security law services
An increasingly common issue which can affect any company with a digital footprint, cyber incidents can range from phishing scams, failed data access, integrity attacks and accidental IT failures, to targeted hacking, insider threats and electronically-initiated fraud. Whatever the cause, however, incidents which put data and money at risk are dealt with quickly and efficiently by our team to ensure that business interruption is kept to a minimum.
At Womble Bond Dickinson, our cyber risk and incident response services are designed to minimise future liability and mitigate risk. To that end, we take a two-pronged approach and assist clients with both pre-emptive measures and post-breach response.
Pre-emptive services
Lead data audits and analysis of how data flows and computer systems impact cyber risk and associated legal obligations
Assist with creation of incident response plans and data policies and procedures
Draft cyber policy wordings
Provide data protection and incident response training to executives, risk teams, technologists and client’s employees
Assist with creation of an incident response team
Facilitate table-top training exercises for IRT, C-Suite and board of directors
Listen to and advise clients on protections and processes built for the precise needs and obligations of that business.
Breach response services
Act as a dedicated first response team with 24/7 availability, capable of rapidly identifying issues and managing exposures by following our pre-developed plan
Investigate data incidents and help coordinate the client’s response, preserving privileges and minimising legal, reputational, and business risk
Advise on cyber policy coverage
Assist with crisis communications with stakeholders, policyholders, insurers and other key parties to minimise reputational impact, as well as manage interactions with regulators and law enforcement
Ensure compliance with breach notification laws, regulations, system rules and contract obligations, including GDPR and HIPAA
Devise response plans which benefit both clients and affected third parties
Create e-discovery strategies including preservation, collection, and review
Manage and/or represent clients in any litigation, regulatory actions, or other investigations arising out of cyber security incidents
Contribute to a lessons-learned review of the incident to mitigate future risk and minimise legal liability.
Clients of our cyber attack solicitors
Representing and advising clients from a wide range of sectors, our team of cyber attack solicitors have experience serving major insurance companies and corporate policy holders within the healthcare, finance, communications and retail industries, as well as organisations operating in non-profit, university and government spheres. Practised in getting to know businesses before advising on data protection, risk mitigation and incident responses, our team prides themselves on their ability to provide tailored guidance which takes into account all stakeholders.
Whether you’re looking for instant and informed cyber attack advice to help aid your recovery from a recent incident, or want to integrate your existing incident response team with our own lawyers to improve its effectiveness, help from our cyber security law firm is always available. To find out more about how we can help you build your cyber attack defences, simply fill out our online contact us form, and a member of the team will be in touch.
Investigate data incidents and help coordinate the client’s response, preserving privileges and minimizing legal, reputational, and business risk
Advise on cyber policy coverage
Manage interactions with regulators and law enforcement
Ensure compliance with breach notification laws, regulations, system rules and contract obligations, including GDPR and HIPAA
Devise response plans which benefit both clients and affected third parties
Create e-discovery strategies including preservation, collection, and review
Manage and/or represent clients in any litigation, regulatory actions, or other investigations arising out of cyber security incidents
Contribute to a lessons-learned review of the incident to mitigate future risk and minimize legal liability
Pre-emptive services
Lead data audits and analysis of how data flows and computer systems impact cyber risk and associated legal obligations
Assist with creation of incident response plans and data policies and procedures
Draft cyber policy wordings
Provide data protection and incident response training to executives, risk teams, technologists and client’s employees
Assist with creation of Incident Response Team
Facilitate table-top training exercises for IRT, C-Suite and board of directors
Listen to and advise clients on protections and processes built for the precise needs and obligations of that business
Examples of work
Improved data resilience for RAI by conducting tabletop exercises and regular team meetings to examine changes in technology and regulation, and to update definitions and policies
Advised Heartland Payment System in its response to the loss of 130 million credit card data sets
Successfully represented the State of South Carolina in litigation involving the exposure of six million tax records
Assisted major public university in recovery from an extensive data exposure incident
Addressed healthcare vendor data exposures affecting employees and retirees of client companies
Investigated and advised on liability and recovery actions after £millions diverted from law firm accounts in phishing scams leading to significant recoveries
Advised on email fraud perpetrated on bond broker causing clients funds to be diverted to fraudsters. Obtaining partial recovery from insurance agent
Advised on hack of insurance broker's email account and dealing with regulatory action ensuring compliance but minimization of profile of incident
A national retailer exposed information about tens of thousands of customers on its website during a project to migrate to a new server. Working with the retailer's IT team, we determined what data had been accessed and we advised about notification to the regulator and customers. We also advised on the recovery from a negligent IT contractor
A major security breach as a result of hard-drives, containing 3,000,000+ banking records, not being securely destroyed. We advised on how to manage the breach, worked with IT forensics to assess the accessibility of the data on the hard-drives and drafted the notification to the ICO. Our client's prompt and comprehensive response, along with the extremely detailed report submitted to the ICO, meant that the ICO took no further action
A disgruntled employee stole a customer data and sent malicious communications to the retailer's customers. We investigated the incident and prepared responses to the ICO's request for information following a customer complaint to the ICO. We also advised on the disciplinary proceedings against the employee and a possible defamation action in relation to the malicious communications
A large medical training provider suffered a serious email hacking incident. We advised on issues relating to proceedings against the hacker and an IT provider. We also defended an ensuing libel claim
Client’s HR manager took home HR records (including medical information) about employees and accidentally misplaced them when the records should have been stored in a locked cabinet. We advised on pro-actively notifying the regulator. As a result, the regulator accepted that this was a one-off incident that did not require further investigation.
Overview
Overview
All situations which can quickly spiral out of control if not handled with professionalism and efficiency, data breaches, IT failures and cyber attacks can cause serious and long-lasting damage to businesses. From risks of global reputational damage, to diminishing trust from key stakeholders, ensuring survival in the aftermath of a breach requires assistance from an experienced cyber security lawyer.
Specialists in cyber security law, the Womble Bond Dickinson team of cyber risk advisors work alongside companies from a wide range of industries, helping them to prevent attacks, minimise risks and manage exposures. Offering a comprehensive service which spans from proactive prevention and response strategies, to post-event management and investigations, clients from every sector can expect unparalleled assistance at every stage.
A leading voice in cyber security law, our team is uniquely composed of specialists from both the insurance and data protection sectors. This dual background ensures that our advice is fully-informed, and gives both insurers and their policyholders confidence in the knowledge that their legal advisors have a complex understanding of the myriad of risks which surround data breaches and cyber attacks.
Cyber security law services
An increasingly common issue which can affect any company with a digital footprint, cyber incidents can range from phishing scams, failed data access, integrity attacks and accidental IT failures, to targeted hacking, insider threats and electronically-initiated fraud. Whatever the cause, however, incidents which put data and money at risk are dealt with quickly and efficiently by our team to ensure that business interruption is kept to a minimum.
At Womble Bond Dickinson, our cyber risk and incident response services are designed to minimise future liability and mitigate risk. To that end, we take a two-pronged approach and assist clients with both pre-emptive measures and post-breach response.
Pre-emptive services
Lead data audits and analysis of how data flows and computer systems impact cyber risk and associated legal obligations
Assist with creation of incident response plans and data policies and procedures
Draft cyber policy wordings
Provide data protection and incident response training to executives, risk teams, technologists and client’s employees
Assist with creation of an incident response team
Facilitate table-top training exercises for IRT, C-Suite and board of directors
Listen to and advise clients on protections and processes built for the precise needs and obligations of that business.
Breach response services
Act as a dedicated first response team with 24/7 availability, capable of rapidly identifying issues and managing exposures by following our pre-developed plan
Investigate data incidents and help coordinate the client’s response, preserving privileges and minimising legal, reputational, and business risk
Advise on cyber policy coverage
Assist with crisis communications with stakeholders, policyholders, insurers and other key parties to minimise reputational impact, as well as manage interactions with regulators and law enforcement
Ensure compliance with breach notification laws, regulations, system rules and contract obligations, including GDPR and HIPAA
Devise response plans which benefit both clients and affected third parties
Create e-discovery strategies including preservation, collection, and review
Manage and/or represent clients in any litigation, regulatory actions, or other investigations arising out of cyber security incidents
Contribute to a lessons-learned review of the incident to mitigate future risk and minimise legal liability.
Clients of our cyber attack solicitors
Representing and advising clients from a wide range of sectors, our team of cyber attack solicitors have experience serving major insurance companies and corporate policy holders within the healthcare, finance, communications and retail industries, as well as organisations operating in non-profit, university and government spheres. Practised in getting to know businesses before advising on data protection, risk mitigation and incident responses, our team prides themselves on their ability to provide tailored guidance which takes into account all stakeholders.
Whether you’re looking for instant and informed cyber attack advice to help aid your recovery from a recent incident, or want to integrate your existing incident response team with our own lawyers to improve its effectiveness, help from our cyber security law firm is always available. To find out more about how we can help you build your cyber attack defences, simply fill out our online contact us form, and a member of the team will be in touch.
What we do
Breach response
Investigate data incidents and help coordinate the client’s response, preserving privileges and minimizing legal, reputational, and business risk
Advise on cyber policy coverage
Manage interactions with regulators and law enforcement
Ensure compliance with breach notification laws, regulations, system rules and contract obligations, including GDPR and HIPAA
Devise response plans which benefit both clients and affected third parties
Create e-discovery strategies including preservation, collection, and review
Manage and/or represent clients in any litigation, regulatory actions, or other investigations arising out of cyber security incidents
Contribute to a lessons-learned review of the incident to mitigate future risk and minimize legal liability
Pre-emptive services
Lead data audits and analysis of how data flows and computer systems impact cyber risk and associated legal obligations
Assist with creation of incident response plans and data policies and procedures
Draft cyber policy wordings
Provide data protection and incident response training to executives, risk teams, technologists and client’s employees
Assist with creation of Incident Response Team
Facilitate table-top training exercises for IRT, C-Suite and board of directors
Listen to and advise clients on protections and processes built for the precise needs and obligations of that business
In need of a cyber security lawyer? Look no further.
At Womble Bond Dickinson we have an exceptional team of talented lawyers and business professionals who can offer guidance and find the solutions right for your business. We have both broad and niche expertise across all our UK and US offices.
Examples of our work and how we’ve helped companies of all sizes with a wide range of challenges.
Improved data resilience for RAI by conducting tabletop exercises and regular team meetings to examine changes in technology and regulation, and to update definitions and policies
Advised Heartland Payment System in its response to the loss of 130 million credit card data sets
Successfully represented the State of South Carolina in litigation involving the exposure of six million tax records
Assisted major public university in recovery from an extensive data exposure incident
Addressed healthcare vendor data exposures affecting employees and retirees of client companies
Investigated and advised on liability and recovery actions after £millions diverted from law firm accounts in phishing scams leading to significant recoveries
Advised on email fraud perpetrated on bond broker causing clients funds to be diverted to fraudsters. Obtaining partial recovery from insurance agent
Advised on hack of insurance broker's email account and dealing with regulatory action ensuring compliance but minimization of profile of incident
A national retailer exposed information about tens of thousands of customers on its website during a project to migrate to a new server. Working with the retailer's IT team, we determined what data had been accessed and we advised about notification to the regulator and customers. We also advised on the recovery from a negligent IT contractor
A major security breach as a result of hard-drives, containing 3,000,000+ banking records, not being securely destroyed. We advised on how to manage the breach, worked with IT forensics to assess the accessibility of the data on the hard-drives and drafted the notification to the ICO. Our client's prompt and comprehensive response, along with the extremely detailed report submitted to the ICO, meant that the ICO took no further action
A disgruntled employee stole a customer data and sent malicious communications to the retailer's customers. We investigated the incident and prepared responses to the ICO's request for information following a customer complaint to the ICO. We also advised on the disciplinary proceedings against the employee and a possible defamation action in relation to the malicious communications
A large medical training provider suffered a serious email hacking incident. We advised on issues relating to proceedings against the hacker and an IT provider. We also defended an ensuing libel claim
Client’s HR manager took home HR records (including medical information) about employees and accidentally misplaced them when the records should have been stored in a locked cabinet. We advised on pro-actively notifying the regulator. As a result, the regulator accepted that this was a one-off incident that did not require further investigation.
This selection will switch the website from presenting information primarily about the United Kingdom to information about the United States. If you would like to switch back, you may use location selection options at the top of the page.
Contact
Although we would like to hear from you, we cannot represent you until we know that doing so will not create a conflict of interest. Also, we cannot treat unsolicited information as confidential. Accordingly, please do not send us any information about any legal matter until we authorize you to do so. To initiate a possible representation, please call one of our lawyers or staff members.
By clicking the “ACCEPT” button, you agree that we may review any information you transmit to us. You recognize that, even if you submit information that you consider confidential in an effort to retain us, our review of that information will not create an obligation on us to keep it confidential and will not preclude us from representing another client directly adverse to you, even in a matter where that information could and will be used against you.
Please click the “ACCEPT” button if you understand and accept the foregoing statement and wish to proceed.