top of page
Image by hannah joshua

Humankind lives in two worlds.

One is physical and ancient. The other is virtual and new in comparison. The virtual, new world is the cyberspace. It is a digital space, a space of artificial intelligence, a space of wonders and opportunities. To thrive in both worlds, we need to be safe and secure. This is essential for our happiness, health, wellbeing and freedom.

Safety and security are our human rights.

Image by Dan Nelson
Image by Luis Villasmil

Have you been hacked?

In an ideal world, organisations will be prepared to deal with security incidents. They will have identified the risk scenarios of most concern to them, developed plans to deal with them and rehearsed their responses. 

Back View in the System Control Center Operator Working. Multiple Screens Showing Technica
Incident Response

The short term goals of incident response are to understand the nature of the problem, contain it and recover from it, while minimising damage. An incident management team will have overall responsibility for the response, supported by subject matter experts such as forensic investigators, IT and business continuity management. Third party support is needed in many cases.

Image by Markus Winkler
Breach Reporting

There are many legal, commercial and reputation reasons why a cyberattack or data breach may need to be reported to third parties, such as Gov CERTs, law enforcement agencies, regulators, insurers, commercial partners, workers and impacted persons.  These reports and communications need careful handling.

Legal Problems

Legal support is needed to assess the implications of an incident, to ensure that all legal duties are identified and addressed and to protect the organisation from legal risk. Legal representation on the incident management team is essential.  No reports or communications should be issued without a legal review. Lawyers should always be involved in the engagement of third party support providers.

Image by Glenn Carstens-Peters
Working Together

Free support available!

Value added help for large UK based businesses, with no strings attached.
Incident Response Readiness Assessments

This online assessment tests how confident you feel about your organisation's readiness to respond to a serious cybersecurity incident or data breach. Built around the key requirements for incident management and response as contained in international standards, this assessment will generate you a comprehensive written report with helpful visualisations immediately upon completion. 

Ransomware and Data Extortion Training

These training sessions can be provided as a presentation, or a roundtable discussion, or a desktop incident response exercise. Depending on the format you choose, you will learn about the technical nature of ransomware; the motivations, skills and goals of the threat actors; the components and processes for a good quality response; how to deal with threat actors and when you can and cannot pay ransoms; and the legal issues that arise. 

Incident Response Playbook
Retainer Letter

Playbooks provide the backbone of a good quality incident response, guiding the organisation through the issues that arise, the steps they need to take and who does what. This playbook covers the legal aspects of incident response and is a must-read document for the C-Suite, General Counsel, legal teams, CISOs and Data Protection Officers.

This obligation-free retainer letter gives you immediate access to multi-disciplinary incident response services and legal support should you ever need it.  It has been designed to avoid a common problem in breach situations, of having to go through time consuming procurement processes with third party support providers in the midst of a crisis. Instead, if the worst happens, the retainer letter enables you to instantly call upon the support that you need, should you choose to do so.  You are not obliged to call upon support and there is no charge for entering into the retainer.  

What's the catch? Believe it or not, there isn't one. The only limitations on gaining access to these free services are my capacity to provide support, any professional or commercial conflicts of interest, the size of your business and that you need to be based in the UK. Note that these free services will be provided through my law firm, DWF Law LLP.

Image by Slejven Djurakovic

Legal 500 and Chambers and Partners, legal directory reports and testimonials

bottom of page