Investigating security breaches and managing contracts with third parties
You receive a call from your IT team; someone has noticed odd access patterns to one of your key databases containing key confidential information, some of which belongs to third parties who you contract with. Some more checking and analysis takes place and within a few hours, you know with reasonable certainty that someone has been and still is, accessing your and your business partners’ confidential data.
At this stage, you probably have some information but in terms of the total information available about the problem, at this point in time, you probably don’t know that much. It is important to work quickly with IT, the commercial teams who work with the data in question and senior management to understand as much as you can in the next 12–24 hours so that you can decide what to do next.
This might appear obvious — surely just cut off the access to your data? This route ‘solves’ the immediate problem, and may in some cases be the correct approach. However, it means risking severely limiting the amount of information that you can obtain about the breach. In turn, this limits the information you have available to work out the identity of and, if appropriate, pursue the wrongdoers and to feed information about the problem back into the business to improve security. Information security is not just about IT security — it encompasses the whole business and all employees. In those very early hours of working out the scope of the problem, it is also key to review contracts you have with third parties that may give rights to those third parties in relation to data and information security…
If you are registered and logged in to the site, click on the link below to read the rest of the Taylor Wessing briefing. If not, please register or sign in with your details below.
News from Taylor Wessing
News from The Lawyer
Briefings from Taylor Wessing
For the tax year from 6 April 2014, the standard lifetime allowance has reduced from £1.5m to £1.25m.
One of the areas highlighted last year by the Regulator was the regulation of workplace DC pension schemes.
Analysis from The Lawyer
As the equity capital markets rocketed back into favour and global M&A saw at least a partial return to form, there have been some rich pickings for The Lawyer’s Corporate Team of the Year award shortlisted firms in 2014.
The city-state is working hard to become a global wealth management hub, and law firms are gearing up for a prosperous new world