Cyber security provides security for your company
As the digitalisation of processes and the complexity of the IT landscape increase, so does the risk of cyber attacks. The Federal Office for Information Security has identified ransomware cyber attacks as the main IT security threat for companies and public authorities in Germany.
The statistics of the losses from data theft, industrial espionage and sabotage in Germany in 2023 alone (source: Statista) paint an alarming picture: the overall losses amount to more than 200 billion euros, with reputational damage (35 billion euros), breakdown of/damage to IT systems and operational downtimes (35 billion euros) and the cost of legal disputes (30 billion euros) being the biggest contributors.
A global survey in 2023 revealed that around 58 per cent of the companies surveyed in Germany had at least once been the victim of a cyber attack. On average, around 53 per cent of the surveyed companies in the various countries stated they had experienced at least one cyber attack in the past 12 months.
Luther’s multi-disciplinary cyber security and data protection practice helps clients address cyber security risks and manage attacks. Our team, consisting of over forty experts, can handle all challenges faced by our clients in the areas of cyber security, incident response, data protection and, where applicable, embedded AI. As experienced “cause (or cyber) coaches”, we provide practical, technical and operational advice during and after ransomware and other cyber attacks. With our first-hand experience, we operate at the interface between technology, cyber security and data protection on behalf of our clients.
Our advisory services can be divided into four areas:
Cyber incident prevention (cyber audits to develop an understanding and create awareness, documentation, training courses), (crisis) response to cyber incidents (launching an emergency plan, securing relevant assets, involving the emergency team, communicating B2B and with public authorities, etc.), pursuing claims and litigating to enforce claims (ensuring compliance with personnel and technical requirements, insurance, etc.), and regular audits to ensure processes and systems are futureproof.
Areas of advice
The legal IT security requirements change continuously and may differ from industry to industry. They are not only determined by statutory law, but also by industry-specific security standards, technical standards, contractual relations and liability risks. Our experts in IT security law can identify the legal requirements applicable to your company, and also what action needs to be taken with regard to those requirements. Thanks to our knowledge of the industry and our understanding of complex corporate structures, we know that the legal requirements must be implemented in a reliable yet pragmatic manner to allow your company to grow in times of digital transformation.
Our cyber security audit comprises a comprehensive range of advisory services for the performance of a legal assessment of the processes and systems currently in place at your company to secure your company’s data. The implementation of technical, operational and organisational IT security measures is important to adequately protect your company from damage by cyber attacks. We can support you throughout this process, from initial gap analysis to the implementation of policies, instructions for action, training courses and other legal, operational and organisational measures. Through our network of experts, we also maintain connections with technical consultants, who can assist with the identification and implementation of technical measures.
The protection of personal data is closely related to the implementation of legal IT security requirements. This is because cyber incidents often involve personal data, which, in turn, gives rise to special obligations regarding how to deal with such incidents. Conversely, cyber security is always also a means of protecting personal data. As a result, in particular the implementation of technical and organisational measures can produce a synergy effect between cyber security and data protection.
Cyber incidents may result in heavy fines or other regulatory measures being imposed by (data protection) supervisory authorities. Our specialised team can, therefore, also advise you when communicating with supervisory authorities and with regard to how to defend against regulatory measures, in and out of court.
Further information about our range of advisory services related to implementing the requirements of data protection law is available here.
Recent new regulations at European level place particular emphasis on supply chain security. The companies concerned are required to ensure IT security also within their supply chains. Against this background, our team of experts develops effective strategies to protect your company from cyber risks in the supply chain.
Some of the new cyber security regulations also regard products with digital components. To protect users from cyber risks, manufacturers must take cyber security into account already when designing and developing such products. Our specialised team can assist you in this respect throughout the product cycle, from development to approval and certification, distribution and, where applicable, compliance with requirements during the product lifecycle.
In the financial and insurance sectors, national industry-specific regulations on regulatory requirements for IT and IT outsourcing have been in place for several years now, in particular in the form of supervisory notices (Supervisory Requirements for IT in Financial Institutions - BAIT, Supervisory Requirements for IT in Insurance Undertakings - VAIT, Minimum Requirements for Risk Management - MaRisk, Minimum Requirements under Supervisory Law on the System of Governance of Insurance Undertakings - MaGo, EBA Guideline on Outsourcing Agreements, Guidance on Outsourcing to Cloud Service Providers, etc.). The Digital Operational Resilience Act (DORA) is the first EU-wide uniform legal framework for effective cyber security and information and communication technology (ICT) risk management in the financial sector. DORA aims to strengthen the resilience and security of the entire European financial sector, as well as creating uniform and consistent requirements for the financial sector in terms of cyber security, ICT risks and digital operational resilience. Important fields of action include ICT governance, ICT risk management, ICT incident management, digital operational resilience testing and ICT third-party risk management. Working in interdisciplinary teams, we have been supporting the financial sector for many years in its digital transformation, including providing holistic advice on the implementation of the regulatory requirements for IT security and related compliance requirements.
Cyber incidents cannot always be prevented by taking preventive measures. Attackers manage to penetrate IT systems by exploiting undiscovered vulnerabilities or human error. Our experts in the fields of data protection and IT security law can provide immediate, competent support in the event of a cyber incident, for example, by assisting your company with the implementation of statutory reporting requirements and when communicating with public authorities and stakeholders.
Cyber attacks frequently lead to complex claims situations involving multiple parties within the (often international) supply chain.
A cyber attack can cause significant damage and huge financial losses, from the cost of restoring the IT systems to normal use to damage to the company’s reputation and loss of profits. You may be able to assert claims for damages against other parties involved, such as service providers, manufacturers and many others, provided they are partly responsible for the cyber incident.
Your company may also, however, be subject to third-party claims for breach of contract, for example, if business processes can no longer by adhered to as a result of the cyber attack. Customer data may also be affected by the attack. There may even be a risk of mass claims due to data breaches, which are becoming more frequent.
Our Complex Disputes experts work with you to develop the ideal litigation strategy in each particular case to efficiently resolve complex disputes in such claims situations before (arbitration) courts and also out of court and achieve the best possible outcome for you, defend claims and secure claims vis-à-vis third parties.
Legal requirements will continue to change on an ongoing basis and differ from industry to industry. This concerns statutory law as well as industry-specific security standards, technical standards, contractual relations and liability risks. Our “futureproof processes and systems” audit comprises a comprehensive range of advisory services for the performance of regular legal checks on your company’s processes and systems in place from time to time to secure your company’s data. In these regular audits, we focus on gap analyses and also give recommendations for the implementation of policies, instructions for action, training courses and other legal, operational and organisational measures.
Implementation projects in the field of IT security are often highly complex and require a combination of various legal and other external competencies. Our experience has shown that in order for legal work to be carried out effectively and in a timely manner in such projects, the projects must be recorded, planned and managed in line with the company’s goals and in consultation with the stakeholders.
We ensure this happens by employing specialists with the relevant know-how to work at the interface between content and organisation and perform the following project-supporting tasks as controllers: (continuous) evaluation and definition of transformation goals and requirements; legal project organisation and management of all internal and external resources involved in the project; project planning (defining work packages, resources, input and output formats); project control (transparent open issues, risks, times and expenditures); and project communications (exchange of information, jour fixe management and documentation).
We regard legal project management as an important discipline and task that can and should be performed by legal project managers with specialised legal knowledge, rather than by lawyers. This ensures you get a highly cost-effective approach for each area of expertise.
News
Key Contact >>
Bangkok
Luther Law Firm (Thailand) Co., Ltd.
AIA Sathorn Tower, Rooms No. 2007-2008, 20th Floor 11/1 South Sathorn Road, Yannawa, Sathorn 10120 Bangkok Thailand
Contact >>Our Services >>
Berlin
Brussels
Cologne
Delhi-Gurugram
Luther Corporate Services Pvt. Ltd.
Unit No. 812, 8th Floor, Emaar Capital Tower - 1, MG Road, Sikanderpur, Sector 26, Gurugram 122 002, Haryana India
Contact >>Our Services >>
Dusseldorf
Essen
Frankfurt a.M.
Hamburg
Hanover
Ho Chi Minh City
Luther Vietnam Law L.L.C.
Suite 25.02, Floor 25, Deutsches Haus, 33 Le Duan Boulevard, District 1, Ho Chi Minh City, Vietnam Ho Chi Minh City Vietnam
Contact >>Our Services >>
Jakarta
Maqdir Imsail & Partners in collaboration with Luther LLP
Jl. Latuharhary No. 6A, Menteng Jakarta Pusat 10310, Indonesia Jakarta Indonesia
Contact >>Our Services >>
Kuala Lumpur
Luther Corporate Services Sdn. Bhd.
Unit No. L25-1, Level 25
TSLAW Tower
No. 39, Jalan Kamuning
55100 Kuala Lumpur
Malaysia
Our Services >>
Leipzig
London
Luther Rechtsanwaltsgesellschaft mbH
5th Floor, Aldermary House, 10-15 Queen St, Cordwainer EC4N 1TX London United Kingdom
Contact >>Luxembourg
Luther S.A., inscrite au Barreau de Luxembourg
Aerogolf Center, 1B, Heienhaff 1736 Senningerberg Luxembourg Luxembourg
Contact >>Our Services >>
Munich
Shanghai
Luther Solutions (Shanghai) Co., Ltd.
Hang Seng Bank Tower, Room 17-012, No. 1000 Lujiazui Ring Road, Pudong, Pilot Free Trade Zone 200120 Shanghai China
Contact >>Our Services >>
Singapore
Luther LLP
4 Battery Road #25-01 Bank of China Building 049908 Singapore Singapore
Contact >>Our Services >>
Stuttgart
Yangon
Afrika
Algeria
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Angola
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Congo
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Egypt
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Ghana
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Kenya
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Lebanon
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Morocco
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Mozambique
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Namibia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Nigeria
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Sierra-Leone
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
South Africa
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Volker Steimle
T +49 221 9937 24820
>> Profile
Tanzania
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Tunisia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Uganda
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Zimbabwe
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Asia
Cambodia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Hong Kong
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Japan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Philippines
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Taiwan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
South Korea
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Vietnam
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Australia & New Zealand
Australia
Dr. Steffen Gaber
T +49 711 9338 19192
>> Profile
New Zealand
Dr. Steffen Gaber
T +49 711 9338 19192
>> Profile
Europe
Armenia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Austria
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Belarus
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Bosnia-Herzegovina
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Bulgaria
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Croatia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Cyprus
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Andreas Kloyer
T +49 69 27229 0
Dr. Thomas Kuhnle
Czech Republic
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Denmark
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Estonia
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Finnland
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
France
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile >> Corporate Service
Greece
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Hungary
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Italy
Dr. Eckart Petzold
T +49 211 5660 25065
>> Profile >> Corporate Service
Ireland
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Island
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Latvia
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Liechtenstein
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Lithuania
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Malta
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Macedonia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Moldawia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Netherlands
Dr. Stefan Galla
T +49 201 9220 24016
>> Profile
Norway
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Spain
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Sweden
Dr. Christoph von Burgsdorff
T +49 40 18067 12179
>> Profile
Dr. Richard Happ
T +49 40 18067 12766
>> Profile
Switzerland
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Poland
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Portugal
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Russia
Reinhard Willemsen
T +49 89 23714 25792
>> Profile
Romania
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Scotland
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Serbia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Slovakia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Slovenian
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Turkey
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Ukraine
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Middle East
Afghanistan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Azerbaijan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Brunei
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Georgiea
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Iraq
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Iran
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Israel
Eric Sublon
T +352 27484 1
>> Profile
Jordan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Kazakhstan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Qatar
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Kuwait
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Pakistan
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Palestine
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
Saudi-Arabia
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
United Arab Emirates
Dr. Andreas Kloyer
T +49 69 27229 0
>> Profile
Dr. Thomas Kuhnle
T +49 711 9338 19193
>> Profile
North America
South & Middle America
Argentinia
Philipp Dietz
T +49 221 9937 14224
>> Profile
Bolivia
Philipp Dietz
T +49 221 9937 14224
>> Profile
Brasil
Philipp Dietz
T +49 221 9937 14224
>> Profile
Chile
Philipp Dietz
T +49 221 9937 14224
>> Profile
Colombia
Philipp Dietz
T +49 221 9937 14224
>> Profile
Costa Rica
Philipp Dietz
T +49 221 9937 14224
>> Profile
Domininican Republic
Philipp Dietz
T +49 221 9937 14224
>> Profile
Ecuador
Philipp Dietz
T +49 221 9937 14224
>> Profile
El Salvador
Philipp Dietz
T +49 221 9937 14224
>> Profile
Guatemala
Philipp Dietz
T +49 221 9937 14224
>> Profile
Mexico
Philipp Dietz
T +49 221 9937 14224
>> Profile
Nicaragua
Philipp Dietz
T +49 221 9937 14224
>> Profile
Panama
Philipp Dietz
T +49 221 9937 14224
>> Profile
Paraguay
Philipp Dietz
T +49 221 9937 14224
>> Profile
Peru
Philipp Dietz
T +49 221 9937 14224
>> Profile
Uruguay
Philipp Dietz
T +49 221 9937 14224
>> Profile
Venezuela
Philipp Dietz
T +49 221 9937 14224
>> Profile
Locations
Best Friends
- Afrika
- Asia
- Australia & New Zealand
- Europe
- Middle East
- North America
- South & Middle America