Cybercrime incident management

The following Practice Compliance guidance note provides comprehensive and up-to-date legal information covering:

  • Cybercrime incident management
  • Cybercrime incident involving personal data breach
  • Approaching a Cybercrime/cyber attack incident management plan
  • Four stages of incident management

Though taking preventative steps obviously makes good sense (see Practice Note: Cybercrime prevention), it is not possible to totally eradicate the risk of cybercrime or cyber-attack. An effective mechanism to deal with cybercrime and cyber-security threats will not only include solid defences, but will also include a plan or strategy to deal with the effects of an attack in the event that it happens.

This Practice Note sets out some practical guidance on putting together the incident management element of your Cybercrime prevention strategy and incident management plan. It includes breach notification requirements under the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679, which apply where the cybercrime incident involves a personal data breach. This Practice Note is intended for compliance professionals in general commercial organisations. It is not intended to cover sector-specific requirements in:

  1. the Network and Information Systems Regulations 2018 (NIS Regulations), SI 2018/506, which implement the provisions of the Network and Information Systems Directive (NIS Directive), Directive 2016/1148/EU, in the UK

  2. the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426 (as amended) or any legislation or regulation that replaces PECR 2003, and

  3. the Financial Services and Markets Act 2000 (FSMA 2000) and the Financial Conduct Authority (FCA) Handbook

Cybercrime incident involving personal data breach

Many, but not all, cybercrime incidents will involve a