Cyber Security Handbook - The Essential Handbook for In-house Counsel

For years, cyber security was the preserve of information security teams. Few laws covered information security and there was little reason for lawyers to take a deep dive into such a complex and technical arena. But in the past five years the legal obligations on companies have expanded, claimants have unleashed a wave of class actions, and regulators have become really interested in these issues. All this thrusts in-house counsel squarely into the cyber arena.

We have had a lot of questions from our clients about cyber over the years. Some are about the legal framework (which is steadily becoming more onerous) but many are about a much broader issue; namely what is the role of in-house counsel in ensuring an organisation is prepared for cyber threats?

We have consolidated our answers in this handbook. It reflects our experience that an effective and informed in-house counsel is critical – not just to advise on regulatory requirements and potential liability – but also to help guide and co-ordinate the wider cyber response. This doesn’t mean that you need a complete understanding of what is happening at the binary level, but you need to know about what governance models work best, the types of technology involved and regulatory expectations about how that technology is deployed. This handbook is intended to provide that understanding.

Please note that this handbook is designed to be a general resource, and you will also need to take into account any particular rules that your organisation is subject to, depending on the nature of the business and where it operates.