Information-law work before, during, and after the incident.
Our cyber practitioners are instructed on the design of mature privacy and information-security programmes, on incident response and statutory notification, and on the regulatory and litigation exposure that follows in the eighteen months after an incident the institution did not expect.