- Front end legal services, including risk management strategies and advice
Our knowledge of relevant legal obligations, and our broad experience with cyber incidents, enables us to advise in relation to compliance with the Privacy Act 1988 (including drafting privacy policies and data breach response plans), draft contractual clauses for allocating cyber risk, review third party supplier contracts, and provide training to assist you to comply with your obligations.
- Cyber insurance
Our Cyber Team includes specialist insurance partners Michael Gapes in Brisbane, Michael Bath in Sydney and Ben Hall in Melbourne. We work closely with insureds, insurers, underwriters, brokers and risk managers across all cyber risks, including ransomware, unauthorised disclosure of personal data or information, business interruption and denial of service attacks.
- Incident Response
We are experienced in assisting our clients to manage and respond to cyber incidents. We work with them to ensure that the data breach response plan is implemented effectively, to manage internal and external communications and take steps to establish and maintain client legal privilege, to contain and assess any breach (including liaising with IT experts and managing the efficient review of compromised information), to consider and take any remedial action, to understand and seek to minimise risks to the business, customers and individuals, and to make appropriate notifications.
- Employment-related issues
We appreciate that cyber incidents can often be caused by the intentional or unintentional conduct of employees or contractors. In addition, cyber incidents may involve the compromise of sensitive personal information of staff. Our Workplace Advisory partner Lara Radik, and her team, are able to provide the full range of legal services required in managing employment-related issues in the context of such incidents.
- Litigation, including recovery actions
Our Cyber Team is experienced in advising in relation to and assisting with, litigated claims for the recovery of losses sustained as a consequence of cyber incidents - in particular, losses arising from Business Email Compromise (BEC) in which both the payor and the intended payee may be victims.