Topic Centers


Cybersecurity risk is pervasive. Almost inevitably, your organization will experience a cybersecurity incident -- and with the environment evolving daily, you can’t be too prepared for the aftermath. Your organization can face government investigations, media attention, customer demands, and litigation – circumstances that require careful yet rapid response. Our seasoned Cybersecurity Solutions team helps you every step of the way, adroitly advising on the complex and interrelated impacts of each...

Cyber Risk Services: Hogan Lovells’ Technical and Risk Management Consulting Services

To provide our clients with comprehensive, timely advice and solutions to your organization’s unique cybersecurity challenges, our dedicated group of technical and risk professionals works side-by-side with our market-leading lawyers. Clients receive tightly integrated and complementary legal and management counsel, creating a seamless experience that is provided under attorney-client privilege.

The technical knowledge and training of our consultants and lawyers allows us to work directly with a client’s IT security team, as well as in-house counsel, with no lost time for “translation” of specialized terminology or concepts. And our experience within, and working with, law enforcement and other government agencies, enables us to counsel and support internal investigations and external interactions with practical, informed advice.

Our technical professionals, consultants, and lawyers work with you end-to-end on planning, preparation, and response issues. In particular, our consultants partner closely with our lawyers on:

Program development. We evaluate cyber threats; analyze preparedness; review policies, procedures and technical capabilities against best practices; develop policies and procedures for oversight and management of risk; and evaluate vendor cybersecurity practices.

Incident and crisis response. We develop plans and procedures for investigating and responding to cybersecurity incidents, testing response capabilities, managing the response, providing technical and procedural recommendations, and supporting incident response and investigations.

Regulatory compliance (HIPAA, ITAR, PCI, NNPI, etc.). We develop policies, procedures, and technical cybersecurity requirements needed to comply with regulations; review existing policies, procedures, and capabilities; and recommend mitigations necessary to comply with regulations.

Training and Awareness. We evaluate threats from employees and contractors; analyze the capability to protect against inside threats; evaluate internal cultural awareness; and recommend, develop, and deliver cybersecurity awareness and best practices training.

Taking on your cyber challenges

You’ll want to know that the consultants and lawyers you work with have the technical and legal experience to see you through every phase. A few examples of how our integrated team has helped both big and small companies over the years include:

Technical oversight of third-party forensics report preparation: After a major payment card breach at a leading U.S retailer, our technical consultants reviewed and advised on the scope and conduct of a third-party technical investigation, conducted a technical review of multiple drafts of the forensics report, worked with forensics experts, and helped shape the report’s favorable findings and practical recommendations.

Summarize complex technical facts in support of legal defense: When a market-leading company suffered a data breach involving more than 50 million records containing sensitive personal information, our lawyers and consultants created a summary of the key legal arguments and a plain-language description of the technical and business facts that supported them, which was then used by the client to prepare its defense and settlement strategy.

Risk management assessment: We assessed the cybersecurity risk management approach of a major cable and internet services provider. After interviewing the chief information security officer, CIO, COO, and other key stakeholders, we recommended the client adopt a governance framework and approach more aligned with industry standards and legal frameworks.

Confirm the absence of cyber attackers: Our lawyers helped a leading health insurance company retain a respected forensics firm to conduct a technical scan of the client’s systems. Our cybersecurity consultants participated in the scoping and review meetings and reviewed the resulting report, providing the client with the reassurance that the work performed would help demonstrate, as much as reasonably possible, that all steps had been taken to protect the client’s data and systems.


China's draft data localisation measures open for comment

On 11 April 2017 the Cyberspace Administration of China (the "CAC") published a circular calling for comments on its draft Security Assessment for Personal Information and Important Data...

Quick view Full view


RegTech in Hong Kong: The current state of play

Given its increasing importance within the FinTech space, RegTech – regulatory technology - has come to occupy a position of focus, as it has in numerous other jurisdictions, in the...

Quick view Full view


Cyber Insurance: Managing Your Cyber Liability and Avoiding Coverage Gaps

Mark Goodman is a partner in our San Francisco office. In this interview, he addresses the need for companies to manage their cyber risk and the role that insurance plays...

Quick view Full view


Product Liability and Product Safety Summit 2016 "Make the climb - preparing now for challenges in 2020"

Product Liability and Product Safety conference in Paris, Munich and Milan, organised by the global Product Litigation and Compliance practice. To access the invite to the Summit, please cli...

Quick view Full view

Sponsorships and Speaking Engagements

ITI Cybersecurity Forum & Reception

Join ITI and Hogan Lovells at Cybersecurity Forum 2016 on October 13. Government leaders, Capitol Hill experts, and industry professionals will discuss how to combat future cyber risks, and ...

Quick view Full view


Ready, Set, Respond – Hogan Lovells Launches Online Global Cybersecurity Resource Portal

Just a glance at the headlines confirms it: cybercrime is soaring spectacularly. And as a result, cybersecurity law and regulation around the world are coming of age. In this complex and...

Quick view Full view
Loading data