Cyberattacks, data breaches and major technology vendor failures all require immediate solutions and expert advice

Organisations across all sectors are targets for cyberattacks and are working hard to firm up their security posture, while also navigating a rapidly changing regulatory environment and increasing scrutiny from a broad range of regulators.   

Cyber resilience is absolutely critical to businesses.

How we can help

Our leading cyber and data protection team works closely with organisations to help prepare for and mitigate cyber risks, rapidly respond to cyber events and data breaches, and manage (and learn from) the fallout.

We have extensive incident response experience, having advised on some of the most complex cyber events worldwide. Our cyber coverage follows the sun. We have the capability to mobilise our experts quickly and across multiple jurisdictions, and to provide global coordination of your crisis response and strategy.

Getting prepared and resilient

Being prepared not only minimises the risk of a cyber event or data breach occurring, it also reduces the time to respond to, and the potential impact of, crises that are impossible to predict or avoid.

How can we help?

Our team helps organisations get prepared and resilient by:

  • Governance – undertaking risk and compliance assessments, advising on best practice information security risk management and data governance, and assisting with uplifts
  • Regulatory requirements – advising on information security and operational resilience regulatory compliance strategy (including in relation to security of critical infrastructure, telecommunications and privacy laws, CPS234, the consumer data right regime, the Corporations Act and FIRB conditions)
  • Engaging forensic and other experts – negotiating arrangements (in advance) with cyber forensic investigators, cyber extortion negotiation experts and crisis communications firms
  • Response plans – developing incident response plans and playbooks
  • Insurance – advising on cyber insurance arrangements
  • Advice in advance – advising on critical aspects of a cyber response in advance of a cyber event (including on notification requirements, the legality of paying a ransom, sanctions, market disclosures and embedding privilege considerations into any response effort) so that these issues are not being considered for the first time when under extreme time pressure
  • Board and executive training, and tabletop exercises – training boards, senior management and incident response teams, assisting with scenario planning and leading war gaming exercises
  • Monitoring – closely monitoring the evolving global threat landscape, regulatory developments and enforcement trends
  • Supply chain management – advising on supply chain management, including procurement and audit processes, and contracting arrangements
Incident response

Our team has extensive experience advising on a wide range of cyber events and data breaches, including cyber extortion and ransomware attacks, business email compromises, brute force attacks, malicious insider activity, supply chain breaches and inadvertent data breaches. We also work closely with third party experts, including forensic and other cybercrime specialists and negotiators, PR agencies, insurers and consumer support organisations.

How can we help?

We help organisations navigate cyber incidents to resolution and can coordinate the end-to-end response or advise on discrete aspects, as required. This includes:

  • assisting with any internal investigations, and ensuring that legal privilege is preserved where possible and appropriate
  • engaging and working with forensic and other cyber response experts in a way that preserves legal privilege (where possible)
  • advising on negotiations with threat actors in conjunction with other experts
  • reviewing compromised material to identify personal and sensitive information
  • engaging with law enforcement, government agencies and regulators across jurisdictions
  • advising on board and management responsibilities
  • advising on breach notification strategy, including preparing and coordinating communications to regulators, affected individuals, the market and other stakeholders
  • advising on potential claims made by or against you
Recovery, review and remediation

Once the worst has passed, we can work with you to manage the fallout, identify key learnings, and reassess and uplift systems to minimise the risk of recurrence. 

How can we help?

Our team:

  • conducts incident post-mortems, reports on findings and makes practical recommendations for improvement
  • works with internal teams to ensure uplift commitments are communicated, tracked and implemented
  • advises on third party claims and litigation
  • helps respond to regulator enquiries and formal investigations
  • advises on issues relating to malicious insider activity
  • provides training and ongoing risk mitigation
Other security measures

How can we help?

Our team also advises on information security issues in the context of commercial transactions and other business activities, including:

  • mergers and acquisitions
  • digital transformations
  • procurements
  • data sharing arrangements
  • consumer interactions
  • R&D
  • corporate and data governance processes

You may also be interested in

What the top five cybersecurity trends mean for your business in 2022

Organisations must remain vigilant in the face of increasingly sophisticated cybersecurity attacks – arising from within and outside their organisation. Read more.

Federal Court finds cyber risk management is a critical obligation for financial services firms

In proceedings brought by ASIC against RI Advice, it was found that as a result of its failure to manage cybersecurity risks and cyber resilience, RI Advice breached its obligations under the Corporations Act. Read more here.

Australian Government releases its Ransomware Action Plan

This development forms part of the Government's Cyber Strategy and is the latest in a series of actions taken by the Government to combat the escalating threat of ransomware and cyber extortion attacks. Find out more.


Highly regulated global Australian-based technology company

Have advised regarding a series of cyber events, including a sophisticated hack, the theft of company laptops, and a phishing attack resulting in the compromise of a large amount of sensitive company data and personal information.

Major financial institution

Acting as breach coach and advising on its whole-of-group cyber preparedness and uplift program.

Global Australian-based payments company

Have advised regarding a series of cyberattacks, including on its incident response and remediation activities.

Major financial institution

Have advised on its whole-of-group supplier CPS 234 uplift program.

State government agency

Have advised on its response to a significant and high-profile data breach that involved the compromise of a large number of employee mailboxes.

Major Australian-based global retailer

Have advised on its assessment of and response to a significant cyber attack, and its global notification strategy, including notifications in the US, Canada, UK and Australia.

Major global technology company

Have advised on a lengthy formal investigation by the OAIC and in relation to the regulator's determination.

OAIC investigations

Working with clients across the banking, energy, telecommunications and technology sectors in responding to formal investigations by the OAIC into their data handling practices.

Major Australian sporting organisation

Have advised on a high-profile breach of sensitive information.