直 Japanese PDF Font
  • Our Professionals
  • Our Work
  • Our Insights
  • Offices
  • Firm
  • Careers
Finnegan
  • Articles & Books
    • Ad Law Buzz Blog
    • At the PTAB Blog
    • European IP Blog
    • Federal Circuit IP Blog
    • INCONTESTABLE® Blog
    • Prosecution First Blog
  • Events & Webinars
  • IP Updates
  • Podcasts
    • AI + Finnegan
    • AI + Copyright
    • AI + Patent
    • AI + Privacy
    • AI + Trade Secrets
    • AI + Trademark
  • Unified Patent Court (UPC) Hub

Article

Legal Battle Plans

November 2013

e-Commerce Law & Strategy

Authored by J. (Jay) T. Westermeier

Cyber security incidents are rising very rapidly. The growing number of serious attacks on essential cyber networks is one of the most serious threats the United States faces. See, "Report Cyber Incidents (http://1.usa.gov/1cDW9Rt)," DHS.gov (last visited Oct. 11, 2013). One of the critical controls relating to cyber security incidents is the implementation of effective cyber security incident response plans. (The SANS Institute has published 20 critical security controls. See, "Twenty Critical Security Controls for Effective Cyber Defense (http://bit.ly/X8mJr)," SANS.org. See specifically, "Critical Control 18: Incident Response and Management (http://bit.ly/n7HFFb).") Without an incident response plan, you may not discover an attack in the first place, or, if the attack is detected, you may not follow proper procedures to contain damage, eradicate the attacker's presence and recover in a secure fashion. Id. This article recommends that legal battle plans be developed and maintained as a critical part of your cyber security incident response plans.

Be Prepared for Quick Action

Legal battle plans are rapidly becoming an important part of a comprehensive information security program. These battle plans should be viewed as a critical component of your incident response plans. In today's information security environment, you need to react quickly and thoroughly to security breaches. Companies need to establish procedures to ensure a quick, effective and orderly response to such incidents. When an adverse event occurs, you are not going to have time to study your options. You will already be in trouble. You should prepare well ahead of any possible incidents so you can respond quickly to minimize damage and legal exposure.

Legal battle plans help to address this need. They are "off-the-shelf" plans that can be quickly adapted and executed to combat and otherwise defend against security incidents. These plans seek to take full advantage of legal rights and remedies to control, manage, avoid and mitigate losses and disruptions and comply with all legal obligations, including any notice requirements, contractual or regulatory obligations, and forensically sound evidentiary collection procedures.

Legal battle plans should be prepared for the security incidents that would have the greatest adverse effect on the company. A battle plan should spell out in advance the defenses and counterattacks the company can deploy rapidly. These include legal notices that must be provided to customers and contracting parties under affected contracts, as well as any necessary actions you will need to take regarding other matters, including insurance coverage, civil and criminal claims that may be applicable, evidence that should be collected, and points of contact that need to be notified.

By fully considering potential claims applicable to cyber incidents, you should be in a better position to make sure that the necessary evidence is collected in a forensically sound manner. You need to make sure that you put in place sufficient audit procedures and controls to provide a strong evidentiary trail consistent with the requirements applicable to the production of admissible evidence. The legal battle plan should consider the quality and completeness of the evidence. As the Council of Europe's Convention on Cybercrime has noted, "effective collection of evidence in electronic form requires very rapid response." See, "Convention on Cybercrime Explanatory Note (http://bit.ly/eHHvY6)," COE.int. (Note: See the full Convention on Cybercrime (http://bit.ly/eS3UWH).) Consider using forensic software tools to provide accurate, relevant and timely information about cyber incidents.

Legal Battle Plan Weapons

Because the legal battle plan is meant to increase your company's ability to respond to cyber incidents, it should include the tools to identify and analyze the incident, including the capability of successfully identifying and prosecuting a perpetrator, even an anonymous one. The plan also should include consumer notices required by law, applicable contract and regulatory notices. Further, it should provide for limiting damages, recouping losses and reducing regulatory, contractual, and other legal exposures. Also, the battle plan should be sufficiently flexible to be adapted readily to the circumstances of specific incidents and should coordinate with a company's public relations response and other incident response plans. This coordination ensures that the company is well prepared to limit damage to its reputation and to answer public or media queries about any incidents. A key objective of response plans, including the legal battle plans that are a part of these response plans, should be to maintain public confidence and trust in the company.

Legal battle plans will detail legal responses to a cyber incident. However, although not all incidents will be amenable to a legal counterattack, in most situations legal strategies may be deployed to keep damages to a minimum. With proper planning, you should be able to prevent damages from continuing to accrue after an incident has occurred. For example, the battle plan should provide contingencies for rapidly escalating your response, if such response is deemed appropriate.

Monitor the Plan

Once you create a legal battle plan, don't neglect it. Legal battle plans need to be monitored and adapted based on changing external and internal threats and any evolution or change within your company and its information security risk environment. Like all response plans, legal battle plans need to be tested periodically. Management and employee training on information security responses should include training on the company's legal battle plans.

Conclusion

Today most cyber security response plans fail to include legal battle plans. Today's risks require that legal battle plans be an essential part of comprehensive information security planning as a matter of prudent risk management. Make sure your cyber response plans include legal battle plans and that they are combat ready.

Copyright © Finnegan, Henderson, Farabow, Garrett & Dunner, LLP. This article is for informational purposes, is not intended to constitute legal advice, and may be considered advertising under applicable state laws. This article is only the opinion of the authors and is not attributable to Finnegan, Henderson, Farabow, Garrett & Dunner, LLP, or the firm's clients.

Related Practices

Diligence, Licensing, and Opinions

Opinions and Counseling

Related Industries

Electrical and Computer Technology

Related Offices

Reston, VA

Related Insights

Conference

4th Global Patent Litigation FORUM

October 29, 2026

Munich

Conference

13th Annual Summit for Women Leaders in Life Sciences Law

July 29-30, 2026

Boston

Articles

When the Classroom Goes Dark: Lessons from the Canvas Breach for Corporate Cyber Preparedness

July 8, 2026

Federal Circuit IP Blog

“2” Does Not Provide Written Description Support for “1”: Federal Circuit Affirms District Court’s Invalidation of Patent

July 8, 2026

Federal Circuit IP Blog

Federal Circuit Vacates and Remands Infringement and Damages Judgment After Erroneous Verdict Form and Eligibility Analysis

July 8, 2026

At the PTAB Blog

Federal Circuit PTAB Appeal Statistics for March–May 2026

July 2, 2026

Articles

Article_D.-Mass-Patent-Litigation-Update-October-2024

D. Mass. Patent Litigation Update: May 2026

June 30, 2026

Federal Circuit IP Blog

Federal Circuit Affirms Noninfringement Ruling in Hatch-Waxman Litigation Based on Claim Construction, Prosecution History Estoppel, and the Disclosure-Dedication Rule

June 26, 2026

Federal Circuit IP Blog

Mere Invalidity of Asserted Claims Does Not Render Patent Infringement Case Exceptional or Warrant Sanctions

June 26, 2026

Due to international data regulations, we’ve updated our privacy policy. Click here to read our privacy policy in full.

  • Privacy
  • Disclaimer
  • Legal Notices
  • Fraud Alert
  • EEO Statement
  • Cookies
  • Contact Us

© 2026 Finnegan, Henderson, Farabow, Garrett & Dunner, LLP