Cybercrime incident management

The following Practice Compliance practice note provides comprehensive and up-to-date legal information covering:

  • Cybercrime incident management
  • Cybercrime incident involving personal data breach
  • Approaching a Cybercrime/cyber attack incident management plan
  • Four stages of incident management
  • Containment and recovery
  • Assessment of ongoing risk
  • Notification of breach or attack
  • Evaluation and response

Cybercrime incident management

Though taking preventative steps obviously makes good sense (see Practice Note: Cybercrime prevention), it is not possible to totally eradicate the risk of cybercrime or cyber-attack. An effective mechanism to deal with cybercrime and cyber-security threats will not only include solid defences, but will also include a plan or strategy to deal with the effects of an attack in the event that it happens.

This Practice Note sets out some practical guidance on putting together the incident management element of your Cybercrime prevention strategy and incident management plan. It includes breach notification requirements under the General Data Protection Regulation (UK GDPR), Retained Regulation (EU) 2016/679, which apply where the cybercrime incident involves a personal data breach. This Practice Note is intended for compliance professionals in general commercial organisations. It is not intended to cover sector-specific requirements in the:

  1. Network and Information Systems Regulations 2018 (NIS Regulations), SI 2018/506

  2. Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426 (as amended), and

  3. Financial Services and Markets Act 2000 (FSMA 2000) and the Financial Conduct Authority (FCA) Handbook

Cybercrime incident involving personal data breach

Many, but not all, cybercrime incidents will involve a personal data security breach.

A personal data breach means:

‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise
