Cyber Security

Carter Newell Lawyers is an award-winning specialist law firm providing legal advice to Australian and international corporate clients.

Drawing from several practice areas, our Cyber Team, led by partner Andrew Shute, has a deep understanding of the legal issues surrounding data privacy, cybersecurity breaches and the growing threat of cybercrime.

Cyber insurance, including against first party and third party losses, continues its expansion in Australia and is now a critical element of managing the risk of malware, business interruption, data breaches, reputational damage and notification costs.

Our Cyber Team includes specialist insurance partners Michael Gapes in Brisbane, Michael Bath in Sydney and Ben Hall in Melbourne, and our Workplace Advisory partner Lara Radik, who understand the complex, dynamic and commercially sensitive nature of matters arising under cyber policies. We work closely with insureds, insurers, underwriters, brokers and risk managers across all cyber risks, including ransomware, unauthorised disclosure of personal data or information, business interruption and denial of service attacks. Our team has the expertise to provide advice and a national co-ordinated response in respect of claims in this area.

We can readily provide advice with respect to the following:

  • Coverage and policy ramifications when dealing with a cyber-attack or ransom demand.
  • Responding to data breaches, both malicious and inadvertent.
  • Dealing with a hacking attack.
  • Compliance with legislative requirements.
  • Policy responses to first and third party claims.

Our experience includes:

  • Responding to a data breach resulting from human error and malware, including engaging loss adjusters, security specialists and crisis management consultants, and advising in relation to required notifications.
  • Assisting a professional indemnity insurer in respect of multiple claims under a cyber liability endorsement for first party hacker damage involving ransomware, including advice in relation to policy coverage.
  • Acting for an insured in relation to the inadvertent breach of sensitive data due to poor data sharing practices, including assisting to implement an incident response plan and to notify affected individuals.
  • Advising numerous insurers on their cyber policy wordings in the Australian market – stand alone and extensions - and providing advice regarding the scope and restrictions of the various offerings.
  • Analysis of a traditional policy for an intellectual property claim that would otherwise have been covered by a cyber-risks policy.
  • Consideration of data-security breaches in the employment context.
  • Advising on indemnity issues arising from the electronic transfer of funds to fraudulent overseas suppliers.

Publications and Presentations