According to various estimates, the total capitalization of the digital economy has reached twenty-eight trillion dollars in 2020, and the number of Internet-of-Things (IoT) devices has reached 20 billion. As a result, security issues are one of the primary problems facing this multi-trillion dollar digital economy. 

The threat of cyberattacks and data loss requires companies to design secure systems and implement a set of organisational and technical measures aimed at ensuring their safety. These measures include identifying and assessing system vulnerabilities, designing approaches to minimise these vulnerabilities, prioritising the protection of company assets, identifying sensitive data and ensuring their security, ensuring secrecy and confidentiality, delimiting data access levels, determining access and data processing rules, implementing rules affecting the security of the system, determining responsibility for non-compliance with the rules and other incentives for company employees, regular briefings for company personnel, forming a policy of continuous internal monitoring of the system and external independent testing, and developing company policies governing actions to be taken by employees in the event of a cyberattack or a system crash.

AURUM’s lawyers act as trusted compliance and risk program advisors to multiple IoT, SaaS, PaaS, FinTech and DeFi projects based in the EU and around the globe, and work closely with the clients’ teams on the most complicated cybersecurity issues.

Cybersecurity – selected legal and technical services 

AURUM’s lawyers and technical experts advise clients on cybersecurity and data protection. Our team helps solve one of the major issues that arise from a security breach or cyber attack: identifying the party responsible for the breach and its consequences, whether this is a person, program or malware. AURUM will assist in conducting the investigation, advise whether the client is obliged to report the breach to the authorities, and provide recommendations on the minimisation of negative consequences of the breach. We also advise the clients on issues pertaining to the mitigation of relevant risks.

AURUM cooperates with several top-tier ‘white hackers’ and, where necessary, engages them to work on the client’s cybersecurity issues, provide advice on complex technical and security issues, and carry out penetration testing of the client’s systems.

We help clients at all stages of security development to implement state-of-the-art cybersecurity measures and solutions. Our services include:

  • Preparing internal policies that describe organisational and technical measures aimed at ensuring system security. Bringing other company policies in line with the cybersecurity policy.
  • Advising the client on the applicable cybersecurity standards and secure systems design.
  • Development of recommendations and instructions for the technical team on the implementation of best cybersecurity standards, practices and policies.
  • Reflecting security instructions provided by the technical team in the relevant legal documentation and policies.
  • Development of penetration testing agreements and other cybersecurity contracts.
  • Development of bug bounty programs and terms.
  • Consulting on security certifications for systems and services (for example, certifying a system according to the terms of the EU Cybersecurity Act).
  • Data protection impact assessments, data protection and GDPR compliance.
  • Advising on the use of various systems and cybersecurity solutions for the minimisation of threats, monitoring of suspicious activities, financial transactions and transactions with virtual assets.