Cyber and Data Risk

Business, government and our everyday lives are becoming ever more digitised and dependent on electronic connectivity, subjecting them to a constantly evolving series of operational and information cyber risks. It is rare for a week to pass without reference to a cyber incident or data breach in the media. The threat is industry and size agnostic. Organisations of all sizes from all sectors face legal and technical risks with global corporations, SMEs and public bodies all having been subject to damaging cyber events.

In order to address the reputational and financial impact that cyber security and data risk incidents can have, we offer pragmatic and focused solutions tailored to the needs of our clients and the claims that they face.

What we do

We provide our clients with a full service solution, tackling the full spectrum of cyber and data risk. We work collaboratively with cyber security experts to provide a coordinated approach to the legal and technical aspects of cyber risk, through our DataRisk Specialists product.

What we are known for

A Sector Specific Approach: Different sectors face different cyber and data risk challenges. We understand the law and the way it is applied by regulators and provide pragmatic, commercial risk based advice. Our Cyber & Data Risks team consists of sector specific experts in the insurance, health, and technology sectors, who can guide you through the plethora of sector specific laws and guidance.

International Reach: We regularly provide advice on international projects and cross-border cyber and data risk incidents, covering legal advice and notification obligations in multiple jurisdictions. Where we do not have an international office we work with trusted data protection specialist firms across the world offering a pragmatic and seamless approach across international boundaries.

DataRisk Specialists is a collaboration between DAC Beachcroft and our chosen technical information security advisors, providing a coordinated advisory service to organisations seeking to assess, review and improve their information security. In the event that an organisation's security is breached, we provide comprehensive breach management solutions.

We are the first choice law firm for insurers who indemnify these risks, advising both the insurers and policyholders who suffer data breach incidents and face claims in respect of data protection and information law.

We provide advice that reflects all aspects of the client's legal duties and identifies practical steps that can be taken to manage risks appropriately – this is what makes us first choice of adviser for many clients in our chosen sectors.

Detailed elements of our services

Working across all sectors and jurisdictions, our Cyber & Data Risk services offer a full suite of services:

Provision of data risk advisory and consultancy services including:

• Training
• Advice helplines
• Pre-breach services (including breach response planning, tabletop cyber incident simulation, practices, policies and precedents)
• Co-ordinated data breach response service

Response hotline providing clients with access to:

• Specialist cyber and data risk lawyers
• IT security experts
• Experienced PR consultants

Cyber-related insurance claims including:

First party claims arising out of:

• Network security and privacy
• Cyber-extortion/cyber-crime
• (Non-physical) Business interruption
• Property losses (data retrieval, reconstruction and infrastructure replacement)
• Crisis management/reputational damage claims

Third party claims arising from:

• Privacy claims for data protection infringement (including breaches of the GDPR and PECR (cookies and similar technologies claims)), misuse of information, negligence, breach of trust and confidentiality claims
• Technology and telecommunications E&O/PI
• Internet media/advertising liability (including IP infringement, libel/slander/defamation)
• Civil liability arising out of data breaches or hacking incidents
• Investigations carried out by regulatory bodies

Cyber coverage and wordings:

• Advising Insurers in respect of coverage issues arising out of cyber and data risk claims
• Drafting and reviewing cyber wordings, including advising on common cyber exclusions and management of non-affirmative cyber risk