Cyber Security Incidents in Multinational Companies in the EU and the US – Effective Crisis Management in Transatlantic IT Incidents


In this edition of German ZD - Zeitschrift für Datenschutz (November-Edition, ZD 2021, 614), the article of Dr. Christian Schröder and Tobias Lantwin outlines typical cyber threat scenarios for companies, steps to coordinate an incident response management, legal requirements on both sides of the Atlantic if a cyber security incident occurs as well as the winding-up phase and the reconditioning.

It can happen quickly. An attack on the IT infrastructure almost always hits companies at the wrong time. Hacking and other attacks on company systems can set off considerable chains of damage within a very short time and therefore require immediate intervention. IT security incidents require increased attention, especially in multinational EU/US corporate structures. In such cases, not only do the regulations of European and national data protection law apply, but also US law, which often provides for strong sanction threats, requires attention.

The German language article can be found as a PDF here.