Nowadays, your business is digitally connected to suppliers, customers, partners, and other stakeholders. This online presence also comes with additional risks: any enterprise can become a victim of cybercrime. This includes corporate systems being hacked, phishing attacks, CEO fraud, ransomware attacks, defamatory allegations.
And that risk is real. Police crime statistics show an annual increase in violations of the Computer Crime Act, and 2019 saw a very pronounced increase of no less than 29.9%. Notably, the phenomenon of phishing is booming, a trend that, incidentally, is also confirmed this year in Europol’s Internet Organized Crime Threat Assessment (IOCTA) 2020. The European Union Agency for Cybersecurity (ENISA) makes the same observations in its annual Threat Landscape.
In addition to a solid technical cybersecurity structure, your enterprise benefits most from attentive staff, suppliers, and other third parties. You can secure your company by putting in place the best technical solutions, but all these efforts are in vain in case your “gatekeepers” turn out to be the weakest link, which is something that cybercriminals are well aware of. Studies show that up to 95% of information security incidents involve a human factor.
Be aware that mainly European legislation imposes considerable responsibility on you if your cyber security is not up to standard technically and legally/organizationally. Administrative and criminal fines are increasingly common and customers have various means to lodge complaints to claim incurred damages.
All the more reason to ensure that your cyber security policy is fully compliant from a legal perspective. Sirius Legal assists small and large companies in this matter and goes beyond a classic GDPR exercise. We do a full legal screening or Impact Assessment. In particular, in a first phase, we assess your company’s weaknesses, your responsibilities and which risks you need to address as a priority. In the next phase, we delve deeper into the risks with external partners and/or all internal stakeholders. Finally, we take a close look at the resilience of your company and provide a clear incident response plan that will allow you to restore the continuity of your business and allow all stakeholders in this digital world to maintain confidence in your company.
For this reason, Sirius Legal is also the only pronounced legal partner you can rely on through the Vlaio Improvement Projects. Together with its technical partners, Sirius Legal provides a multidisciplinary and integrated approach to your cyber security, subsidizing 45% of our budgets. Do you prefer to deal with partial aspects? No problem. Sirius Legal provides a review of your internal security (for instance, with staff; freelancers, directors) or can support you in the guidance of your vendor assessments, pentesting, coordinated vulnerability disclosure policies and other aspects.
Did you become a victim of a cyber security incident? Sirius Legal stands ready to immediately help you to appropriately communicate with customers, authorities, suppliers, as well as other relevant actors, and determines together with you which courses of action should be undertaken from a legal standpoint.
Ideally, your start-up should be completely compliant with the relevant laws and regulations. However, look beyond the contract work and choose a sparring partner who thinks along with you and covers all the legal pitfalls for you.
Do you run a webshop or want to launch one? Take legal advice from our e-commerce experts. Your webshop will be compliant in no time!
Active in web, app or software development? Then you better make sure the projects you deliver are legally apt. Besides, the relationships with your clients are usually just fine … until things go wrong, right?
