Incident response: assistance with cyberattacks


There is a real chance that a company or government organization will fall victim to a cyberattack sooner or later.


As part of an appropriate security policy, it is therefore advisable to have (internal) policies in place that help to respond adequately to serious IT incidents; a so-called 'Incident Response Plan' (IRP).


An IRP is important because many factors are at play simultaneously during a (serious) IT incident and quick decisions are required on certain points. For example, should IT systems be disconnected, a report filed, and notifications submitted to the supervisory authority(ies) and affected parties?


An IRP ensures an adequate response to an IT incident and can limit damage (also from a PR perspective!), help comply with (legal) reporting obligations, and indirectly compel companies to take appropriate security measures for the future.


Some points of attention regarding Incident Response are:


  • Strategy and decision-making regarding contact with the attacker (are negotiations held and possibly ransom paid?);
  • Having an IT forensic investigation conducted (investigation into the circumstances of the incident, which data was affected, which mitigating measures must be taken, and whether information is shared with third parties);
  • Managing the incident (appointing a crisis team, assigning tasks and responsibilities, hiring external experts and legal experts/lawyers);
  • Internal and external communication (who is informed, what message is conveyed, and who speaks on behalf of the organization, for example an external PR agency?);
  • Insurance: is there a cyber policy, is damage covered, must the insurer be notified?
  • Possible cooperation with the police (and whether or not to file a report in that context);
  • Possibly reporting the incident to the AP and/or another supervisory authority (for example, pursuant to the Cbw or DORA);
  • Liability: assessing and following up on potential third-party claims;
  • Possible contact with regulators.


Our lawyers can provide you with the necessary legal expertise in the event of an IT incident.