In the event of a cyber-attack, action must be taken quickly!

Risk-conscious organizations prepare themselves and commission specialist companies for incident response and forensics. These companies do a good job when it comes to dealing with the attack immediately. In many cases, however, additional questions are raised that go beyond technical problem solving:

• Do I have to report the event to a data protection authority or regulator?
• Do I have to inform my contractual partners and clients? How and when should this happen? What obligations do I have?
• What information do I need to provide? In what detail? Are there specific formats?
• When and to whom must/should I provide this information? What deadlines must be met?
• Does an attack also have an impact on the integrity and quality of evidence of my data?
• What integrity protection measures are recommended?
• How do I communicate the event internally/externally?

In addition to the technical incident response solutions, krm has created the service:

Data Protection & Legal Response (LIR)

as a new offering.

All further information can be found in our online presentation.