Cybersecurity

Cooley is the go-to law firm for companies developing cutting-edge technologies – and a market leader when it comes to advising companies on the regulatory framework applicable to cybersecurity and operational resilience.

Dubbed ‘Lawyers to the Innovators’ by the Financial Times, our multidisciplinary team has deep subject matter knowledge and understands the importance of cybersecurity in the digital age. We have a comprehensive grasp of the legal implications surrounding the various European Union cybersecurity regulations, positioning us as a market leader in providing cybersecurity-related guidance.

Cooley has a vast breadth of experience advising clients on the Network and Information Security Directive (NIS2) and its national implementation across the different member states, as well as the Digital Operational Resilience Act (DORA). The team also stays abreast of all new developments in the cybersecurity space. For example, we’re eagerly anticipating adoption of the Cyber Resilience Act, which imposes specific cybersecurity requirements on manufacturers of connected devices and providers of digital products and services throughout the product life cycle.

Our experience – coupled with our multidisciplinary approach – ensures that clients have access to the best advice and practices to ensure their organisation is in compliance with European cybersecurity laws.

How we help clients

• Cybersecurity obligations support and representation: We assist clients in meeting their regulatory obligations under European cybersecurity legislation and represent them before the relevant regulatory authorities.
• Internal cybersecurity compliance assistance: We support clients with the regulatory aspects of their internal cybersecurity compliance programs, conduct gap analyses, advise organisations on the implementation of the necessary policies and procedures for compliance with European cybersecurity laws, and provide assistance in the event of a ransomware attack.
• Rapid response network: We developed The Club, a rapid response network of third-party service providers engaged under a two-party master service agreement (MSA) to work at our direction, so if an incident arises, we sign a three-party statement of work to rapidly engage the service provider and help preserve a claim of privilege. (The Club is made up of companies including Mandiant/FireEye, CrowdStrike, Unit 42/Palo Alto Networks, Brunswick Group, and other forensic, crisis communication and cybersecurity consultation providers.)
• Updates on global cybersecurity developments: We keep clients up to date on all things cybersecurity through a myriad of channels, including our cyber/data/privacy insights blog, our Privacy Talks series presentations, and bespoke in-person events and trainings.

This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.