Cybersecurity

In an era of increasing digital threats and rapidly changing information security legislation, we support our clients in ensuring compliance with regulatory requirements and minimizing legal and operational risks.

Our services include comprehensive cybersecurity consulting and focus on the following areas, among others:

DORA (Digital Operational Resilience Act) compliance audit

We offer a comprehensive legal analysis of an organization’s readiness to implement in-house requirements under the DORA regulation. We help identify gaps in digital resilience, assess governance mechanisms and prepare an adaptation strategy. We work with proven technology partners. We assess, review and implement management, identification, protection, detection, response and recovery procedures in the ICT area. We also review and adjust relationships with employees, co-workers and customers in terms of ICT security requirements.

NIS2 implementation and compliance

We support NIS2-covered entities in analyzing their obligations under the new regulations and in preparing and implementing technical and organizational measures. We work with proven technology partners. We advise on incident reporting, risk management, internal audits and relations with supervisory authorities.

MiCA (Markets in Crypto-Assets Regulation)

We provide regulatory advice to crypto-assets market players in the context of the MiCA regulation. We assist in assessing business compliance with requirements for transparency, IT risk management, data storage, user protection and IT system security.

Audit of ICT service providers (NIS2 and DORA compliance)

We offer an assessment of contractual relationships and cooperation practices with third-party providers in the context of cybersecurity. We verify the compliance of contracts, SLAs, risk monitoring policies and incident procedures with the requirements of the NIS2 directive and DORA regulation.

GDPR compliance audit

We verify the compliance of processes with GDPR regulations in the area of personal data protection. We analyze data processing processes and documentation, identifying potential non-compliance and supporting the preparation of corrective recommendations. We provide support in the execution and application of GDPR regulations, including the implementation of breach notification obligations. We actively participate in inspections by the President of the Office of Personal Data Protection and represent clients during them.

SAM (Software Asset Management)

We conduct audits of the legality of the software used in the organization, in accordance with the principles of Software Asset Management. We help identify illegal or non-conforming licenses and their deficiencies, assess legal and financial risks, and prepare a plan to optimize IT asset management in accordance with copyright laws as well as the needs of the company.

Compliance

We also map security risks in the area of anti-money laundering and counter-terrorist financing (AML/CFT). We bring order to the maze of ever-new tools and processes. We support our clients in identifying their needs, identify risks, propose solutions, and provide training.

Whistleblowing

We also offer a comprehensive whistleblowing process, providing not only support in the preparation of documentation, but also handling of the process at every stage, from acceptance of the report to implementation of follow-up, piloting the process from start to finish. The law firm provides a virtual place for the publication of communications, including the rules of internal reporting and a dedicated email address for whistleblower reports, as well as initial verification of information, communication with those involved in the process, and implementation of follow-up.
