Cyber Security Law 

Table of contents
  1. Whitepaper Cyber Security
  2. How we work, continued (Part 2)
  3. Cyber Defense Legal Framework by TRÖBER@ legal
  4. How we work (Part 3)
  5. Our Expertise
  6. Our Experts

How we work

Commercial law firm & law firm for the public sector

TRÖBER@ legal is a business law firm with a passion. Your business success is the focus of our work. As a specialized law firm, we are always on the lookout for sensible and pragmatic solutions that meet your needs. It is our goal to support you with this competence and more than 30 years of experience in the field of IT law and to find optimal solutions for small, medium and large companies.

Consulting Services

Our work focuses on cyber security as a holistic solution: we provide you with a legal framework consisting of prevention, response, aftercare and the necessary "basics".


In order to best prevent legal risks from IT security incidents, a key focus of our consulting services is the creation and implementation of a cyber defense legal framework. The goal of our concept is to limit the company's liability in the event of IT security incidents, taking into account the individual liability risks of the management, the so-called D&O liability.

In the course of optimal prevention, we analyze and review the individual data protection organization as well as existing contracts with suppliers and customers, e.g. in the form of general terms and conditions, managed service contracts, internet and cloud contracts.

We also examine whether the technical and organizational measures in place comply with any legal obligations, as well as the legal aspects of protecting trade secrets. In addition to our audit activities, we can also assist you in setting up and implementing a Cyber Incident Response Plan (CIRP) to implement the regulations as part of a holistic approach.

Based on the results of the audit, we also assist you in implementing further preventive measures. In addition to the implementation and documentation of technical and organizational measures (TOM) for information security, as required by Art. 24 GDPR, we also take care of the inclusion of legal obligations in incident response plans and the legal support of certification processes (e.g. ISO 27001 or ISO 27001 based on IT-Grundschutz).

And what about specific questions?

Thanks to the direct line to our employees, you will always get a quick and well-founded answer.


Despite a comprehensive prevention plan, an IT security incident can never be completely ruled out. If an incident does occur, we will be at your side as a competent advisor through all phases of handling it and will be on hand when the emergency strikes.

In an emergency, we support you in reporting to supervisory authorities, e.g. in the case of a data protection incident under Art. 33 GDPR or disruptions to the IT of critical infrastructure under § 8b of the BSI Act. In addition, we advise you on the information that must be provided to customers, e.g. under Art. 34 GDPR.

Our goal is to maintain the trust of your customers even in the event of a security incident, while at the same time fulfilling all legal obligations and ensuring that no legally damaging statements are made.

We can also assist you in cooperating with investigating authorities, such as the police, and help you carefully document the incident in a legally compliant manner.

In the event of a security incident, you often have very little time to react. We ensure that the legal preparation and support of communications with authorities, customers and other third parties is handled in a legally compliant, effective and timely manner, thus providing legal support for damage assessment and mitigation.


Of course, we also provide support and advice after an IT security incident.

By reviewing and analyzing the cyber attack, we can help your organization prepare final reports and documentation (e.g., for regulatory agencies).

We can also help you defend against liability claims and communicate with cyber insurers. Proper aftercare also includes the optimization of the compliance management system to close vulnerabilities and security gaps revealed by the IT emergency. We also help you keep your incident management documentation up to date and work with you to evolve your IT security architecture.

Preparation of legal texts and procedural documentation

Once the concept and the organizational framework are in place, we take over the preparation of all legal texts:

  • CIRP (Cyber Incident Response Plan) Structure
  • Final reports and documentation (e.g. for regulatory authorities)
  • Compliance Management System

Legal Representation

If necessary, we will represent you competently in court, before regulatory authorities and affected parties. We help you reduce your risk of liability. Our experts always develop the appropriate defense strategies from Cyber Defense plus Legal Framework in each individual case, thus aiming for holistic protection - always with a view to the greatest possible legal security for your company.

Expert opinion

We provide you with qualified opinions on IT security law. First, we develop a comprehensive understanding of your business model and specific IT situation. Our experienced team begins with a concrete inventory and risk analysis to identify IT risks and provide you with clear recommendations on how to prevent security incidents and close security gaps.

Our Expertise

Implementation and documentation of technical and organizational information security measures (TOM)

As a specialized law firm, we have in-depth knowledge of the processes for implementing and documenting the information security measures required, for example, by Art. 24 GDPR.

Sufficient information security requires comprehensive information security management that establishes and continuously implements a well thought-out and effective process.

As a partner at your side, we support you in the implementation and review of all measures to ensure information security in your company.

Establishment and implementation of a CIRP (Cyber Incident Response Plan)

Creating a CIRP ensures a rapid response capability in the event of a cyber attack or data breach. The plan outlines all necessary measures and actions in advance and clearly defines responsibilities within the team - enabling a smooth and rapid response when it counts. The purpose of the Cyber Incident Response Plan is to ensure the rapid containment of a cyber incident and to minimize any resulting damage.

Incident response is the process by which an organization responds to IT threats such as cyber attacks, security breaches, and server failures. Effective incident response management aims to maintain or restore digital services as quickly as possible. The first priority of the management system is to minimize the negative impact of an incident.

The goal is to establish an effective response to a security incident before it occurs. This is typically done in a five-part process: preparation, identification and reporting, assessment, response in the form of investigation and remediation, and documentation of the results.

Such a plan looks different for every company, but TRÖBER@ legal is happy to provide you with a set of "best practices" in order to adapt the response to IT security incidents in the best possible way to your company and its needs.

We will be happy to assist you in drawing up a plan - tailored to your company - and help you to protect yourself as effectively as possible against cyber attacks and, if the worst comes to the worst, to keep the damage caused to a minimum.

Data Protection and Security Awareness Training Courses

In order to create a sufficient level of security in the everyday use of IT systems, awareness of the problem of cybersecurity must first be created. Only when this foundation has been laid can a change in behavior based on the safe use of digital content be achieved.

For successful incident prevention, it is therefore essential to successfully integrate security awareness measures to make the interface between man and machine safer and better.

As specialists in the field of IT security, we are happy to provide you with tips and information on data protection and security awareness.

Compliance Management System

We also offer services to optimize the compliance management system.

The CMS is the set of structures, processes and measures established within an organization to ensure compliance with legally binding regulations. The components of an effective and meaningful compliance management system can be found in the generic standard ISO 37301, to be published in 2021, and include support and commitment from senior management, a comprehensive record of information about the organization, information about operational planning, and measures for continuous improvement and crisis management.

An effective CMS should identify risks of significant non-compliance as quickly as possible and, in the best case, early enough that security incidents can be averted.

Cyber Attack

Even in the unfortunate event that your company is the victim of a cyber attack, you can count on us. Most importantly, it is better to report too much than too little.

If no report is made, it can never be ruled out that a legal obligation has been overlooked. Therefore, it is better to be safe than sorry.

We will be happy to advise you quickly, competently and effectively on which reporting obligations must be observed in a specific case.

Emergency Contacts

We help your organization notify the right people about an incident in the event of an emergency. In Germany, the Federal Office for Information Security (BSI) is responsible for the operational cyber security of critical infrastructures and is the general reporting point for security incidents. If the incident is an acute case of cybercrime, the Federal Criminal Police Office or the State Criminal Police Office must also be informed. If, on the other hand, it is "only" a data breach of personal data, the relevant state commissioner for data protection and freedom of information is the right contact (e.g. LDI NRW). Under certain circumstances, customers and data subjects may also need to be informed if liability and data protection issues are involved, or if there is doubt about the unauthorized disclosure of trade secrets.

We are here to assist you in complying with any reporting requirements and to answer any questions or concerns you may have.

Our Experts

Jörn Tröber, Lawyer
Certified lawyer for information technology law … Founder of the law firm, born 1964 in Göttingen, 1984 Abitur at the Gymnasium Petrinum in Dorsten, studied law and business administration from 1986 to 1990 in Münster, 1991 1st state exam at the Higher Regional Court of Hamm, legal…
Prof. Dr. jur. Volker Lüdemann
Volker Lüdemann is Professor of Business and Competition Law at Osnabrück University of Applied Sciences and Scientific Director of the Lower Saxony Data Protection Center (NDZ) since September 2009. Previously, he was a legal counsel and managing director in the VW Group. Volker Lüdemann has been…