Cyber

Cyberattacks, data breaches and major technology vendor failures all require immediate solutions and expert advice

Cyber resilience is absolutely critical to businesses.

Organisations across all sectors are targets for cyberattacks and are working hard to firm up their security posture, while also navigating a rapidly changing regulatory environment and increasing scrutiny from a broad range of regulators.

How we can help

Our leading cyber and data protection team works closely with organisations to:

  • help prepare for and mitigate cyber risks
  • rapidly respond to cyber events and data breaches
  • manage (and learn from) the fallout.

We have extensive incident response experience, having advised on some of the most complex cyber events worldwide. We have the capability to mobilise our experts quickly and across multiple jurisdictions, and to provide global coordination of your crisis response and strategy.

Cyber risk management and readiness

Being prepared not only minimises the risk of a cyber event or data breach occurring—it also reduces the time to respond to, and the potential impact of, crises that are impossible to predict or avoid.

How can we help?

Our team helps organisations get prepared and resilient by:

  • Governance – undertaking risk and compliance assessments (eg gap analyses), advising on best practice information security risk management and data governance, and assisting with uplifts
  • Regulatory requirements – advising on information security and operational resilience regulatory compliance strategy (including in relation to security of critical infrastructure, telecommunications and privacy laws, CPS 234, the Consumer Data Right regime, the Corporations Act and FIRB conditions)
  • Engaging forensic and other experts – identifying your cyber response panel and negotiating arrangements (in advance) with cyber forensic investigators, cyber extortion negotiation experts and crisis communications firms
  • Response plans – preparing or uplifting incident response plans and playbooks
  • Insurance – advising on cyber insurance policy placement and terms, including the scope of key coverage clauses and exclusions
  • Advice in advance – advising on critical aspects of a cyber response in advance of a cyber event (including on notification requirements, the legality of paying a ransom, sanctions, market disclosures and embedding privilege considerations into any response effort) so that these issues are not being considered for the first time when under extreme time pressure
  • Communications – auditing representations regarding cyber posture, and creating and uplifting template communications (internal and external)
  • Board and executive training, and tabletop exercises – training boards, senior management and incident response teams, assisting with scenario planning and leading war gaming exercises
  • Monitoring – closely monitoring the evolving global threat landscape, regulatory developments and enforcement trends
  • Supply chain management – advising on supply chain management, including procurement and audit processes, and contracting arrangements.

Incident response

Our team has extensive experience advising on a wide range of cyber events and data breaches, including cyber extortion and ransomware attacks, business email compromises, brute force attacks, malicious insider activity, supply chain breaches and inadvertent data breaches. We also work closely with third-party experts, including forensic and other cybercrime specialists and negotiators, payment firms, data review firms, PR agencies, insurers and consumer support organisations.

How can we help?

We help organisations navigate cyber incidents to resolution and can coordinate the end-to-end response or advise on discrete aspects, as required. This includes:

  • Investigations – assisting with internal and external investigations, and advising on privilege issues
  • Forensic and other experts – engaging and working with forensic and other cyber response experts
  • Threat actor engagement – advising on negotiations with threat actors in conjunction with other experts
  • Privacy and sensitivity reviews – reviewing compromised material to identify personal and commercially sensitive information
  • Stakeholder engagement – advising on engagement with media, law enforcement, government agencies, regulators and insurers across jurisdictions, and on regulatory investigations and other enforcement action
  • Advice on directors' duties – advising on board and management responsibilities
  • Notifications – advising on breach notification strategy, including preparing and coordinating communications to regulators, affected individuals, the market and other stakeholders
  • Liability – advising on potential claims made by (or against) you
  • Insurance – advising on coverage following the occurrence of a cyber incident and helping to navigate the claims process with your insurer (and any disputes should they arise).

Cyber insurance

Although cyber insurance should not be viewed as a substitute for cyber risk management or good planning, it can be a valuable component of your risk management strategy and will play a role in cyber incident response. We can help navigate and advise on claims under cyber liability insurance, as we have a detailed understanding of the process and the difficulties that may arise in pursuing claims for indemnity.

How can we help?

Our team can assist with:

  • Policy placement and terms – including meeting underwriter requirements and negotiating key terms during renewal that may affect the scope of your cover
  • Engaging forensic and other experts – including identifying your 'cyber panel' (eg forensic advisors, negotiators, PR, payment and data review firms) and obtaining pre-approval of these experts from the insurer
  • Incident response – working with you to embed insurance considerations throughout your incident response journey, including through early notification and engagement of insurers and upfront consideration of coverage issues.

Cyber Insurance Diagnostic

Our Cyber Insurance Diagnostic involves a targeted assessment of your cyber insurance policy terms to:

  • identify issues and flag key risk areas for you to address to help ensure policy coverage in the event of a claim; and
  • provide guidance when establishing your cyber incident response arrangements to help maximise your chance of recovery (eg pre-approving the right cyber incident response experts and building insurer notification and consent requirements into your cyber incident response plans).

To find out more, contact Jonathan Light or one of our cyber experts.

Recovery, review and remediation

Once the worst has passed, we can work with you to manage the fallout, identify key learnings and reassess and uplift systems to minimise the risk of recurrence.

How can we help?

Our team can assist with:

  • Post-incident reviews – conducting incident post-mortems, reporting on findings and making practical recommendations for improvement, and assisting with ongoing risk mitigation
  • Uplift – working with internal teams to ensure uplift commitments are communicated, tracked and implemented
  • Liability issues – advising on third-party claims and litigation (including defending class actions and pursuing claims against insurers)
  • Investigations – helping to respond to regulator enquiries and formal investigations, and other engagement with regulators and law enforcement
  • Internal issues – advising on issues relating to malicious insider activity
  • Training – providing training (including for boards, senior executives and incident response teams)
  • Scenarios and simulations – developing and facilitating tailored cyber incident simulation/scenarios for incident response teams, senior management and/or the board.

Class action risk

Data breach class actions now pose a high risk to consumer-facing organisations that experience a data breach affecting a large number of customers. The likely introduction of a direct right of action for a breach of the Privacy Act—making it easier for these claims to be brought—will only increase this risk.

How can we help?

Our team can assist with:

  • Risk management – implementing risk minimisation options before proceedings commence, identifying and managing potential regulatory and other contagion exposures, and protecting your business against reputational risks
  • Defence strategy – developing defence strategies canvassing legal and factual matters, and designing innovative options for commercial resolution
  • Proceedings – establishing effective lines of communication and cost-effectively managing the conduct of the proceedings.

Related cyber and data matters

How can we help?

Our team also advises on information security issues in the context of commercial transactions and other business activities, including:

  • mergers and acquisitions
  • digital transformations and procurements
  • corporate and data governance processes
  • data sharing arrangements
  • consumer interactions
  • research and development
  • privacy surveillance advice and internal behavioural monitoring.

Experience

Various corporates, including large financial institutions, leading mutual banks, superannuation funds, an insurer, a multinational resources company, a global energy company, and an FMCG business

Advising on their whole-of-group cyber risk management and cyber incident readiness projects.

Various corporates, including large financial institutions, a major telecommunications company, a global gaming company, a managed service provider, a global medical company, a multinational logistics company, PE portfolio companies, and a major hospitality company

Advising on their responses to ransomware and data theft extortion attacks, including on their engagement with breach response experts, insurers, regulators, law enforcement and government agencies, as well as on their notification strategies, market disclosures, data assessments, remediation efforts and third-party claims.

Large financial institutions, superannuation funds and insurers

Advising on cybersecurity compliance assessments and uplifts, including in relation to CPS 234 (Information Security) and draft CPS 230 (Operational Risk Management), and on security of critical infrastructure uplift projects.

Several highly-regulated companies

Advising on their responses to regulator (including OAIC and ACMA) investigations into their data handling practices.

Boards of various Top 50 ASX-listed companies

Advising on cyber risk management, incident response and crisis management, data governance, and related regulatory investigations.

Various corporates, including large financial institutions, superannuation funds, a currency exchange company and others

Providing assistance in satisfying underwriters of cyber resilience at policy renewal and inception, and advising on:

  • negotiation of policy terms with brokers and insurers
  • cyber insurance policy requirements, limits and exclusions
  • claims under cyber liability insurance.