Cybersecurity

The obligation to use solutions supporting cybersecurity is a legal obligation increasingly imposed on entrepreneurs. It results not only from regulations dedicated directly to cybersecurity (DORA, NIS2), but also from data protection obligations. However, cybersecurity is becoming increasingly important for every entrepreneur, given the need to secure their business, even without imposed legal obligations.

Selected experience

  • service provided by members of the law firm to financial institutions, such as banks, for over 20 years, as well as external advice to law firms serving the financial sector in the field of, among others, cybersecurity
  • reviewing assumptions and contractual terms for outsourcing services, both in the field of civil law, banking law, cybersecurity (including DORA), compliance with the guidelines of the EBA and national supervisory authorities
  • verification of compliance with the law of assumptions for the use of new technologies in various processes, for example biometrics for behavioral identification implemented by the bank
  • verification of compliance with the law, including GDPR, assumptions for the exploration of publicly available data sets (text and data mining, TDM) for the construction of an entrepreneur’s database for the purposes of, among others, AI-based market analytics and customer preference analytics
  • assessment of cloud solutions and services in terms of regulatory requirements, including guidelines/communications from supervisory authorities
  • assessment of issues related to DORA implementation, including in terms of compliance with EBA guidelines, requirements for risk management systems
  • reviewing services provided in cooperation with telecommunications companies in terms of, among others, compliance with GDPR, telecommunications law (electronic communications law) and securing customers against criminal practices of data theft

We provide

  • expert opinions for internal needs of entrepreneurs
  • expert opinions for the purposes of court proceedings or proceedings before supervisory bodies
  • taking into account cybersecurity aspects in drafts of outsourcing agreements
  • risk assessments for the purposes of internal controls and for auditors
  • verifications (audits) of compliance with regulations, analysis of legal risks
  • drafts of procedural documents
  • representation before administrative and supervisory bodies
  • representation in court proceedings

Practice Leader

Iwona Karasek-Wojciechowicz

office@karasek.law