In the event of a cyber-attack, action must be taken quickly!
Risk-conscious organizations prepare themselves and commission specialist companies for incident response and forensics. These companies do a good job when it comes to dealing with the attack immediately. In many cases, however, additional questions are raised that go beyond technical problem solving:
- Do I have to report the event to a data protection authority or regulator?
- Do I have to inform my contractual partners and clients? How and when should this happen? What obligations do I have?
- What information do I need to provide? In what detail? Are there specific formats?
- When and to whom must/should I provide this information? What deadlines must be met?
- Does an attack also have an impact on the integrity and quality of evidence of my data?
- What integrity protection measures are recommended?
- How do I communicate the event internally/externally?
In addition to the technical incident response solutions, krm has created the service:
Data Protection & Legal Response (LIR)
as a new offering.
All further information can be found in our online presentation.
0 Comments