Skip to main content


In a connected, always-on world, threats are 24/7 and come from every direction. The more users, assets and technologies businesses introduce into their IT networks to unlock opportunities, the greater the attack surface and ways for things to go wrong. Cybersecurity incidents become inevitable.

The business impact of a cybersecurity incident can be considerable. Operations interrupted. Costs increased. Revenue reduced. Trust lost. Each cybersecurity incident has the potential to make headlines. As the business draws fire, its brand and reputation are harmed - not to mention its bottom line.

These risks make cybersecurity an issue for the boardroom rather than just the IT department. LS://cyber is our solution to help decision-makers, in organisations from start-ups to multinationals, confidently manage the risks to their digital assets, personal data and intellectual property.

We focus on the before, during and after of a cybersecurity incident and will help you:

1. ready yourself through preventative assessments and preparation

2. respond when the inevitable happens, to contain and remediate the incident

3. recover so you can get back to business as usual

We complement our core legal and regulatory expertise by partnering and collaborating with technical experts and PR consultants. It makes our advice practical and tailored to the risks faced by our clients. Since online issues rarely respect borders, we are also able to draw on our international network of ‘best-of-breed’ lawyers to provide multi-jurisdictional support.

You might not be able to control the capabilities and motivations of attackers, but you can reduce the vulnerabilities within your systems which present them with an opportunity. Assessing your exposure, especially to the more common attacks such as business email compromise, ransomware and insider threats, helps to protect your business and make it a hard target.

Equally, you might not be able to control when an incident takes place, but you can plan how you will detect and respond to it. Preparation reduces the impact of an incident and can help avoid it spiralling into a disaster. Ultimately, preparation saves money: research shows that it reduces the costs associated with an incident, including in loss of business which, in some cases, can spell ruin.

How we can help

  • conducting preventative cybersecurity assessments to help ensure that your controls are appropriate to the cyber risks faced by your organisation
  • reviewing your incident response plans and testing them through tabletop exercises to identify weaknesses using scenarios relevant to your business
  • delivering training, education and awareness-building to ensure that your people understand their role in keeping your organisation safe and are able to identify and report unusual activity
  • through corporate support, including due diligence in transactions - at least two ICO fines in recent years were the result of vulnerabilities introduced as a result of acquisitions
  • developing a legal privilege strategy to maximise the protection of documents from disclosure - simply copying a lawyer into communications is not a silver bullet!
  • developing the communications strategy and assets you need to communicate effectively and responsibly to your stakeholder groups
  • assessing your data protection compliance, including though our GDPR health assessment
  • ensure that you have the right toolkit in place to support your response efforts
  • reviewing your data governance and helping you to leverage it to drive cybersecurity efforts
  • identifying third party security risks in your supply chain
  • focusing on your biggest asset and vulnerability, your people, by supporting HR teams to monitor for threats, investigate them once detected and take appropriate action where necessary

Doing nothing or leaving incident response solely to IT colleagues are no longer risk mitigation strategies that pass muster or that align with statutory obligations designed to make cybersecurity a board-level issue. Given their inevitability, organisations are increasingly judged by their response to an incident rather than whether one occurred. Responding to an incident efficiently and effectively requires drawing on specialist skills which you will not necessarily have within your organisation.

How we can help

  • ensuring you have the right external support in place to investigate and respond to an incident via our partnership with a leading incident response provider to digital investigators to coordinate technical operations, risk and forensic analysis extortion negotiations and settlement, and the secure recovery of comprised systems
  • drawing on our leading expertise in brand and reputation management, as well as partnerships with leading PR and communications agencies, to help coordinate internal and external communications about an incident, providing calm and considered reassurance to your stakeholder community - from your customers, to the media, investors and shareholders and policymakers
  • providing you with expert legal advice on all aspects of your legal and regulatory obligations (as well as sector-specific considerations) including notifications to regulators, affected individuals, law enforcement, insurers, contracting parties etc
  • obtaining court orders which can assist the response effort such as those for third party disclosure (to identify attackers), interim non-disclosure orders (to help limit the misuse of stolen data) and freezing orders (to recover stolen assets).
  • assessing the impact of an incident on your third party relationships such as contracting partners, including through any contract reviews and notification
  • supporting the management of an incident within a legally privileged environment
  • liaising with law enforcement, including in the context of criminal investigations

Breaches have a long tail, and the fight to recover operationally and reputationally can take years. As the immediate flurry of activity in the initial aftermath of an incident subsides, attentions will turn to the longer-term impact. Getting services back up and running can take weeks, if not months. But it is half the battle.

Investigations and enforcement action by regulators; a deluge of rights requests by affected individuals; compensation claims - either individually or class actions; liability issues, where a supplier is to blame, or a claim is denied by the insurer. These are just some of the longer-term issues often in prospect after a cyber incident and can loom for months, if not years to come.

How we can help

  • supporting your interactions with regulators, in the UK and abroad, in data protection as well as other regulated sectors
  • advising on the liability of your supplier and supporting your efforts to recover your losses from them, including through legal proceedings
  • advising policy holders on issues related to cyber insurance coverage (including exclusions and ‘silent cyber’ / non-affirmative cover)
  • conducting a post-incident review with a view to improving your incident response plan and security posture with the benefit of lessons learnt
  • challenging the outcome of enforcement action such as fines
  • handling rights requests, including ones with significant complexity or linked to litigation
  • defending any legal claims which are eventually issued by data subjects whilst keeping disruption and financial impact to a minimum and always with one eye on your reputation. We work with leading sets of barristers, costs draftsmen and lawyers internationally, and make use of all forms of alternative dispute resolution to ensure that disputes are resolved in the most effective way

Related items

Cyber Security

Retail under attack! Why cybersecurity is important to the sector

31 May 2023

Ali Vaziri writes for Retail News to outline why cyber security is vital for the retail sector. Retailers are a rich source of sensitive data, tempting to cyber criminals and it is no surprise that there have been many high-profile cyber attacks affecting retailers so far in 2023. In this article, Ali discusses protecting your reputation and relationships, credential stuffing and how to detect security incidents.

Data and Network Security

AI 101: What are the key data privacy risks and rewards for this new tech?

23 February 2023

This is the fifth article in our “AI 101” series, where the team at Lewis Silkin will unravel the legal issues involved in the development and use of AI text and image generation tools.

Technology trend

Top 10 tech predictions for 2023 - what you need to know

03 January 2023

Welcome to our 2023 technology predictions - it’s that time of year again, so grab yourself a cuppa! 2022 saw some important developments and some evolutionary ones. Let’s look ahead to what might just happen in 2023.

Back To Top