Cyber security refers to the measures taken to protect computer systems from unauthorised access or being rendered inaccessible. These systems play a vital role in providing a variety of essential services in our everyday lives, however our reliance on them results in severe disruption when things go wrong. Cybercrime is any kind of criminal activity that targets or uses a computer, computer network or networked device. It is a vast area of law with greatly varying offences such as hacking, fraud, harassment and espionage.
The law around the use of technology to conduct criminal activity has developed significantly in recent years, in part due to the volume and sophistication of crimes involving technology. The law concerning cyber security is also evolving into a very sophisticated framework of rules and regulations, which can be difficult to navigate.
Our team of cyber security lawyers advises clients on navigating these rules and regulations to help minimise their business’s risk of falling victim to cybercrime.
We can assist you with cyber risk assessments and due diligence processes, incident response, contractual undertaking and transaction/project work, and offer expert representation at all stages of an investigation, should this be required.
Why should your business care about cyber security?
UK data protection law requires organisations to ensure they have the correct technical and organisational measures in place to secure personal data and, under certain circumstances, organisations are also subject to data breach reporting requirements. Failure to implement appropriate security measures can result in significant enforcement action by the ICO, including the imposition of potentially large fines.
Whilst UK data protection laws focus on personal data, the Network and Information Systems (NIS) Regulations 2018 focus on the security of IT systems. The NIS regulations apply to operators of essential services such as health, energy and infrastructure, and to relevant digital service providers such as online marketplaces, search engines and cloud services. Such organisations are subject to cybersecurity and incident reporting requirements.
The National Cyber Crime Unit of the National Crime Agency is the main regulator of cybercrime in the UK, and investigates, prosecutes and polices instances of cybercrime and breaches of cyber security across the country.