Copyright © 2011 Practical Law Publishing Limited and Practical Law Company, Inc. All Rights Reserved. This Note examines:  The chief compliance officer’s (CCO) key role in preventing and containing cyber attacks.  Developing a cyber incident response plan to report, investigate and respond to a cyber attack.  Common cyber attack scenarios.  Civil and criminal legal claims that may be brought against the perpetrators of cyber attacks.  Recent case law relevant to some of the key issues discussed in this Note. Cyber attacks involving personal information implicate various data privacy and security laws. For general information on US data security laws, see Practice Note, US Privacy and Data Security Law: Overview (http://us.practicallaw.com/6-501-4555). For information on state data breach notification laws, see Practice Note, Privacy and Data Security: Breach Notification (http:// us.practicallaw.com/3-501-1474). WHAT IS A CYBER ATTACK? A cyber attack is an attack initiated from a computer against a website, computer system or individual computer (collectively, a computer) that compromises the confidentiality, integrity or availability of the computer or information stored on it. Cyber attacks take many forms, including:  Gaining, or attempting to gain, unauthorized access to a computer system or its data.  Unwanted disruption or denial of service attacks, including the take down of entire web sites. This Note discusses common cyber attack scenarios and sets out actions that companies can take to prevent or respond to attacks, including developing a cyber attack response plan. It also addresses the chief compliance officer’s role in preventing and containing attacks and law enforcement referrals, and civil and criminal actions companies can pursue against attackers. Cyber attacks, including hacking, of business websites and computer systems are increasingly common. These attacks can be extremely damaging to businesses, particularly if security is breached and confidential business and personal data compromised. Cyber attacks and the resulting security breaches are part of a rapidly expanding international cyber threat that costs companies and taxpayers billions of dollars each year in lost information and response costs. Company executives are under increasing pressure to prevent these attacks and must act immediately to contain any damage once an attack occurs. Cyber Attacks: Prevention and Proactive Responses Vince Farhat, Bridget McCarthy and Richard Raysman, Holland & Knight LLP This Practice Note is published by Practical Law Company on its PLC Intellectual Property & Technology web services at http://us.practicallaw.com/3-511-5848.