Businesses today face an increasingly challenging landscape when it comes to cybersecurity. We are witnessing a trend of increasing regulation in this space with EU legislators having just recently finalised their work on three major cybersecurity acts:
- The NIS2 Directive (NIS2)
NIS2 will repeal the current NIS Directive, amending the rules on security of network and information systems. It has a broader concept of ‘essential’ and ‘important’ entities and has materially expanded the types of organisations that fall within these categories.
- The Directive on the Resilience of Critical Entities (CER)
CER sets out rules that aim to reduce vulnerabilities and strengthen the physical resilience of critical entities.
- The Digital Operational Resilience Act (DORA)
DORA imposes requirements for the security of network and information systems supporting the business processes of financial entities in both digital and physical dimensions.
In addition, there is a Tsunami of further cyber-focused regulations that companies need to consider. Examples include the EU Cybersecurity Act, the proposal for an EU Cyber Resilience Act and the proposal for a Cyber Solidarity Act as well as UN R155 and UN R156.
Businesses are also increasingly exposed to data breaches and cyber-attacks. You can read out more about our predictions in the cybersecurity space in 2023 in our latest Tech & Comms Challenges, Opportunities & Predictions guide here.
These new legislative acts and growing cyber threats require businesses to take proactive measures to secure their networks, systems, and data. We firmly believe that cybersecurity challenges can only be met with a multidisciplinary approach: that is why our cybersecurity team is made up of specialists from our tech & comms, commercial, data protection, dispute resolution, corporate, HR and intellectual property groups. But for cyber our multidisciplinary approach goes further; we have longstanding and close relationships with a broad spectrum of forensic IT and cybersecurity consultants, PR agencies, cybersecurity insurers and other relevant experts to provide a holistic response.
Clients turn to us for advice on the challenges and opportunities presented by all angles of cybersecurity, for example we have:
- Helped clients understand their cyber risks and building their resilience;
- Developed the policies, plans and procedures to lay the foundations for a better security posture and ability to respond to attack;
- Advised on regulatory compliance requirements;
- Engaged in simulation exercises and providing training at all levels;
- Supported clients who are having to come to grips with cyber incidents;
- Advised on cyber insurance including coverage and policy wording;
- Advised on Bug Bounty Programmes; and
- Supported the corporate side of the cybersecurity industry in funding, buying, selling and floating cybersecurity businesses.
Cybersecurity incidents are always unpredictable: we can help you mitigate the impact through careful resilience planning, cyber education, and cyber incident response practice. But when an event does occur, we understand that it is an emergency, and we are well versed in responding accordingly. With our team’s international presence, we can offer round-the-clock assistance without any time zone limitations.
What cyber services and tools do we offer?
In addition to our cybersecurity advisory services, we offer the following tools and cyber services:
- NIS2/CER monitoring services
One of the tasks ahead of many businesses is monitoring how NIS2 as well as CER will be implemented in their jurisdictions. We help businesses track transposition and plans for implementation to ensure that they are as ready and as informed as they can be about the jurisdiction’s approach to the transposition of these important cybersecurity legislative acts. Read more about our NIS2 monitoring service here.
- NIS2 tool
We have developed a NIS2 tool to help clients determine whether they need to comply with the provisions of the new cybersecurity legislative act, which has significantly expanded the scope of entities that need to comply with.
- Cyber incident responder team
We have a 24/7 cyber emergency hotline that is manned by multilingual staff trained in crisis response.
- Cybersecurity trainings
We provide cybersecurity trainings. Such trainings are becoming more and more important considering the management liability introduced by NIS2.
Our CyberBox offering, an award winning multi-disciplinary approach to cyber threat, provides a complete support solution to clients who are addressing the risk of cyber-attack. You can find out more about CyberBox offering here.
If you would like to know more about our tools and cyber services, please get in touch with a member of the team.