Cyber Law & Digital Risk
Cyber Law & Digital Risk
Where Legal Strategy Meets Cybersecurity
When a cyber incident occurs, the first 72 hours determine whether a business survives it legally and operationally intact. SIRI Law LLP is uniquely positioned to provide legal-led cyber incident response — combining the legal obligations of breach notification with the technical demands of digital forensics, regulatory filings, and evidence preservation.
Our Cyber Law & Digital Risk Services
Five Practice Clusters. One Integrated Response.
🔐 Incident Response — Legal + Technical
- ·CERT-In 6-hour notification compliance (IT Amendment Rules 2022)
- ·DPDPA Data Protection Board breach reporting
- ·GDPR 72-hour supervisory authority notification
- ·Ransomware response — legal strategy, negotiation advisory, payment analysis
- ·Legal privilege framework — protecting investigation findings
- ·Insurance notification and coverage coordination
- ·Post-incident regulatory investigation defence
- ·AI-assisted threat actor attribution legal advisory
📄 Technology Contracts
- ·SaaS Master Services Agreements
- ·Cloud Services Agreements (AWS, Azure, GCP customer-side review)
- ·Data Processing Agreements (DPAs) — DPDPA and GDPR compliant
- ·AI model licensing — deployment, fine-tuning, output ownership
- ·Software development agreements — IP ownership, escrow, acceptance testing
- ·IT outsourcing agreements — service levels, data security, transition
- ·Generative AI commercial terms — indemnity, liability, usage restrictions
🔍 Digital Forensics
- ·Computer and mobile device forensic imaging and analysis
- ·Email forensics — spoofing, phishing source tracing, account compromise
- ·Network forensic analysis — intrusion timeline reconstruction
- ·Log analysis — access, authentication, and activity reconstruction
- ·Section 63 BSA / Section 65B certificate preparation for court proceedings
- ·AI-generated content forensics — deepfake detection and attribution
- ·Expert witness support for court and arbitral proceedings
⚖️ Cybercrime Advisory
- ·Cyber fraud — FIR filing, cybercrime cell liaison, asset tracing
- ·Online defamation and impersonation — civil and criminal remedies
- ·Data theft and corporate espionage
- ·Hacking and unauthorised access matters
- ·Cryptocurrency fraud — tracing, recovery advisory, FIR strategy
- ·AI-generated deepfake fraud and non-consensual intimate imagery
- ·Defence in cybercrime prosecution — bail, trial, appeals
🛡 Data Protection Advisory
- ·Privacy policies, notice frameworks, and consent architecture
- ·Data Protection Impact Assessments (DPIAs)
- ·Retention schedules and data lifecycle management policies
- ·Records of Processing Activities (RoPA)
- ·Vendor Data Processing Agreements
- ·AI system data governance policies — training data, inference, output
- ·Employee data privacy policies and monitoring frameworks
Representative Matters
Typical Engagements
All matters described generically to protect client confidentiality.
Ransomware Incident Response
Managed legal incident response for a manufacturing company following a ransomware attack — coordinating CERT-In notification within the 6-hour window, advising on ransom payment legal risk, and managing notifications across three applicable frameworks simultaneously.
AI-Generated Deepfake Fraud
Advised a high-net-worth individual targeted in a deepfake voice fraud scheme — obtaining a police FIR, coordinating digital forensics to trace the attackers, and pursuing civil remedies including freezing orders.
SaaS AI Contract Dispute
Represented a technology company defending a ₹2.5 crore damages claim for alleged AI output failures — successfully through contractual limitation of liability provisions and technical expert evidence.
CERT-In Compliance Framework
Advised a digital payments company on building a CERT-In-compliant incident response framework — including notification workflows, log retention architecture, and a tested incident communication plan.
Frequently Asked Questions
What are CERT-In’s mandatory incident reporting requirements?
Under the CERT-In Amendment Rules 2022, service providers, intermediaries, data centres, and body corporates must report cybersecurity incidents to CERT-In within 6 hours of detection. Failure to report is a criminal offence. Organisations must also maintain logs for 180 days and make them available to CERT-In on demand.
Is legal advice on cyber incidents protected by attorney-client privilege?
Legal advice provided by a qualified attorney is protected by attorney-client privilege in India. Structuring your incident response through legal counsel from the outset preserves this protection while still meeting notification obligations.
What should our business do immediately after discovering a cybersecurity incident?
Immediately: (1) Do not power off or wipe affected systems; (2) Isolate affected systems from the network; (3) Contact legal counsel; (4) Begin notification timeline tracking for CERT-In (6 hours) and DPDPA/GDPR (72 hours); (5) Retain forensic investigators under legal privilege. Do not communicate externally until legal strategy is in place.
Cyber Incidents Don't Wait for Business Hours
Our cyber incident response team is available around the clock. Call directly for urgent matters.
Also see: Cybersecurity Services · Data Privacy Law