Facing cybersecurity head on: the arbitration community develops guidance on how to tackle this difficult issue

There is an emerging consensus among the arbitration community that parties, arbitral institutions and tribunals in individual arbitration matters must give greater attention to cybersecurity in order to minimise the risks of a successful attack.

International arbitrations can involve parties that are prominent targets or potential targets of cyberattacks.  As part of the arbitral process, those parties may share material which is not in the public domain and access to which may have the potential to influence individuals, employees, share prices, corporate strategies and government policy.  Similarly, the outcome of an arbitration can have significant repercussions in the financial markets, meaning that obtaining draft forms of arbitral awards could be very lucrative for cybercriminals. As such, the arbitral process is a prime target for cyberattacks, particularly if hackers can identify a weak link in the chain of custody.

Over the last year several tools have become available to assist stakeholders in the arbitral process address issues of cybersecurity, including the draft Cybersecurity Protocol produced by a working group from International Council for Commercial Arbitration (ICCA), the New York City Bar Association (NYC Bar) and the International Institute for Conflict Prevention and Resolution (CPR) (see here), and the International Bar Association’s (IBA) Cybersecurity Guidelines (see here).

Continue reading