Companies around the world increasingly engage in technological businesses and processes requiring protection and security measures.

Our customers are ever more concerned about potential cyber attacks that can jeopardize a wide range of sensitive and strategic information, including personal data. At CMA, we are prepared to offer legal advice specialized in the digital environment to support our clients in data security and protection issues.

More and more companies seek to adopt best practices in compliance with Brazil’s General Data Protection Act (LGPD) and we at CMA boast comprehensive and effective legal expertise in support of that effort.

Our Cyber Security and Corporate Criminal Law practices field an integrated team able to respond to the most diverse scenarios:

• Prevention – Risk assessment and implementation of information and computer security and incident response programs, policies and procedures;
• Monitoring and reaction – Coordination of in-house incident response, preparation of incident notices to the authorities and to the affected public, coordination of forensic activities within incident investigations, legal advice, mitigation of negative impacts, anticipation of the potential impacts arising from cyber attacks or data leakages, representation of companies and their legal representatives in proceedings initiated by the competent authorities;
• Review – Review of internal policies and protocols based on the lessons learned so as to preempt the future occurrence of similar incidents.
• Advice – Advising clients on cyber incident matters such as:
• In-house training for executives and employees to raise awareness on cyber risks, best practices and incident response protocols;
• Drafting notifications, internal cyber security policies and incident response protocols;
• Conducting cyber security-focused due diligence and risk assessment activities within M&A audits;
• Liaise with the police and the Judiciary to respond to official requests for personal data in support of criminal investigations;
• Legal advice and defense of companies and individuals involved in cyber incidents and cyber crimes, mapping legal risks and recommending actions.