Blog

The lawyer, a strategic player in a cyber crisis unit [1/3]

7 May 2021

A leading player in crisis preparedness and management

We offer you a new series of articles, dedicated to the legal aspects of crisis management. In particular, we will present the role of the lawyer within the cyber crisis unit and the specificities of the legal qualification of a cyber incident. Happy reading!

The overall coordination of crisis management actors cannot be effective on the dual condition that they operate together in the application of their respective roles and that they understand the crisis as a concept that goes beyond the notion of rupture.

Edgar Morin’s expression that “The crisis of the concept of crisis is the beginning of the theory of crisis“[1] remains perfectly acute, particularly in the digital space.

The polymorphous nature of digital risk allows it to be perfectly integrated into both destruction and disruption operations and espionage operations.

Faced with this unprecedented risk, organizations cannot do without a well-thought-out and proven crisis system. Going beyond the notion of disruption implies the need for specific governance to overcome the complexity of managing cyber crises. The lawyer must take an active part in this.

The lawyer intervenes at different levels in the preparation and management of cyber and digital crises:

  • Upstream, since 2018 with the compliance of companies with the GDPR, or on the contractual aspect for cyber insurance in collaboration with the risk teams;
  • In crisis, to support the crisis unit on all legal aspects, to participate in investigations and to qualify malicious or non-malicious acts;
  • At the end of the crisis, to ensure follow-up alongside the teams, to support them during investigations and possible complaints.

At each stage, he must demonstrate a real ability to adapt. In a classic crisis, the events to be managed are rather identifiable, quantifiable and predictable.

In a cyber crisis, a cyberattack with data theft, for example, introduces a different time/volume variable. The lawyer must be able to remain alert to the evolution of the crisis in order to make the law a non-binding tool of trust in these emergency situations.

Teams dedicated to cyber and digital crisis management must demonstrate rigorous preparation in order to acquire the necessary reflexes. To this must be added an incalculable number of unforeseen events that disqualify any meticulously defined crisis plan. This is the reality of crisis management of cyber origin and the one in which the lawyer must evolve.

The environment in which the lawyer evolves in the crisis cell

Information assets are generally the target of cyber threats: customer files, responses to calls for tenders, personal data of employees and managers, financial and industrial data, correspondence secrets, business secrets, medical confidentiality, etc.

Cybercrime linked to the acquisition of this strategic data corresponds to offences targeting the computer systems themselves, but also to classic offences such as scams whose main vector or which are considerably facilitated by digital technology (example of CEO fraud).

We are seeing a shift in delinquency towards digital technology, which allows for a certain discretion and speed in taking action.

The lawyer optimizes in-house legal procedures

The lawyer really participates in the collegial orchestration of the crisis, in particular with the crisis director and the communication director.

It should be remembered that the quality of communication in times of crisis is a major element.

In a variable context involving evolving responses, it must be rapid and effective, capable of convincing, reassuring, strengthening cohesion and the support of all.

It should also be remembered that in crisis management, a fluid link between permanent and ad hoc functions must be promoted in order to achieve a flexible and optimal crisis management methodology.

The circulation of information in the crisis unit is therefore essential in cyber crisis management:

  • so that the lawyer can advise his organization having collected and analyzed all the information;
  • so that the lawyer can communicate and diagram clearly to non-lawyers.

Are you a lawyer and want to train in crisis management? Are you a training manager and would like to discuss a specific need?

Contact us and let’s discuss!

[1] Edgar MORIN, “Pour une crisologie”, Communications, n°25, 1976, pp. 149-163.

Information systems security (PACS) support and consulting provider qualified by the ANSSI.

Dive into our case studies

See the case studies

Contact us

Want to know more? To be contacted again? Click here!

See the training

Our news

Alcyconie in the press

View All

Read the article

Resilience in the era of AI: the delicate art of balance - Maddyness
Press

Resilience in the era of AI: the delicate art of balance - Maddyness

4 December 2025

Read the article

When cognitive psychology sheds light on cyber crisis management
Blog

When cognitive psychology sheds light on cyber crisis management

6 November 2025

Read the article

Ransomware, Confusion, and Critical Decisions: A Cyber Crisis Simulation Autopsy - Alliancy
Press

Ransomware, Confusion, and Critical Decisions: A Cyber Crisis Simulation Autopsy - Alliancy

1 September 2025

Suspicion of crisis? Alert our teams!