Cyberattacks, data breaches and major technology vendor failures all require immediate solutions and expert advice
Organisations across all sectors are targets for cyberattacks and are working hard to firm up their security posture, while also navigating a rapidly changing regulatory environment and increasing scrutiny from a broad range of regulators.
Cyber resilience is absolutely critical to businesses.
How we can help
Our leading cyber and data protection team works closely with organisations to help prepare for and mitigate cyber risks, rapidly respond to cyber events and data breaches, and manage (and learn from) the fallout.
We have extensive incident response experience, having advised on some of the most complex cyber events worldwide. Our cyber coverage follows the sun. We have the capability to mobilise our experts quickly and across multiple jurisdictions, and to provide global coordination of your crisis response and strategy.
Being prepared not only minimises the risk of a cyber event or data breach occurring, it also reduces the time to respond to, and the potential impact of, crises that are impossible to predict or avoid.
How can we help?
Our team helps organisations become prepared and resilient through:
- Governance – undertaking risk and compliance assessments, advising on best practice information security risk management and data governance, and assisting with uplifts
- Regulatory requirements – advising on information security and operational resilience regulatory compliance strategy (including in relation to security of critical infrastructure, telecommunications and privacy laws, CPS234, the consumer data right regime, the Corporations Act and FIRB conditions)
- Engaging forensic and other experts – negotiating arrangements (in advance) with cyber forensic investigators, cyber extortion negotiation experts and crisis communications firms
- Response plans – developing incident response plans and playbooks
- Insurance – advising on cyber insurance arrangements
- Advice in advance – advising on critical aspects of a cyber response in advance of a cyber event (including on notification requirements, the legality of paying a ransom, sanctions, market disclosures and embedding privilege considerations into any response effort) so that these issues are not being considered for the first time when under extreme time pressure
- Board and executive training, and tabletop exercises – training boards, senior management and incident response teams, assisting with scenario planning and leading war gaming exercises
- Monitoring – closely monitoring the evolving global threat landscape, regulatory developments and enforcement trends
- Supply chain management – advising on supply chain management, including procurement and audit processes, and contracting arrangements
Our team has extensive experience advising on a wide range of cyber events and data breaches, including cyber extortion and ransomware attacks, business email compromises, brute force attacks, malicious insider activity, supply chain breaches and inadvertent data breaches. We also work closely with third party experts, including forensic and other cybercrime specialists and negotiators, PR agencies, insurers and consumer support organisations.
How can we help?
We help organisations navigate cyber incidents to resolution and can coordinate the end-to-end response or advise on discrete aspects, as required. This includes:
- assisting with any internal investigations, and ensuring that legal privilege is preserved where possible and appropriate
- engaging and working with forensic and other cyber response experts in a way that preserves legal privilege (where possible)
- advising on negotiations with threat actors in conjunction with other experts
- reviewing compromised material to identify personal and sensitive information
- engaging with law enforcement, government agencies and regulators across jurisdictions
- advising on board and management responsibilities
- advising on breach notification strategy, including preparing and coordinating communications to regulators, affected individuals, the market and other stakeholders
- advising on potential claims made by or against you
Once the worst has passed, we can work with you to manage the fallout, identify key learnings, and reassess and uplift systems to minimise the risk of recurrence.
How can we help?
Our team:
- conducts incident post-mortems, reports on findings and makes practical recommendations for improvement
- works with internal teams to ensure uplift commitments are communicated, tracked and implemented
- advises on third party claims and litigation
- helps respond to regulator enquiries and formal investigations
- advises on issues relating to malicious insider activity
- provides training and ongoing risk mitigation
How can we help?
Our team also advises on information security issues in the context of commercial transactions and other business activities, including:
- mergers and acquisitions
- digital transformations
- data sharing arrangements
- consumer interactions
- corporate and data governance processes