Incident Legal Response.

When a cyber incident strikes, the legal clock starts immediately. Having the right lawyer in the room from the first hour can determine your regulatory exposure, your insurance position and your legal liability.

OVERVIEW

A cyber incident is not just an IT crisis. From the moment it is confirmed, it triggers a cascade of legal obligations: notification timelines under the Notifiable Data Breaches scheme, potential reporting obligations under the Security of Critical Infrastructure Act and the Cyber Security Act, ransom payment reporting requirements, insurance notification obligations and the legal exposure that follows if any of these are mishandled.

Decisions made in the first 24 to 72 hours of an incident can define the legal outcome for months or years. The organisations that navigate incidents best are those that have legal advice running in parallel with their technical response from the outset — not as an afterthought once the immediate crisis has passed.

Law & Cyber provides that legal advice. Simone Herbert-Lowe has advised organisations responding to some of Australia's most significant cyber incidents, given expert written opinion in Supreme Court proceedings where the amounts in dispute were in the tens of millions of dollars, and made submissions to the Parliamentary Joint Committee on Law Enforcement into Cybercrime. When the pressure is highest, you want a lawyer who has been there before.

What we advise on.

Following a devastating ransomware attack, Law & Cyber were engaged to provide legal advice in support of our efforts to recover lost data, consider privacy impacts and subsequently seek compensation from our managed IT service provider. Law & Cyber provided an extraordinary level of insight, expertise, experience and professionalism. The consultancy delivered a very successful outcome including a settlement from the relevant insurer.
— General Manager, Building Industry

Are you prepared?

If you have not already reviewed your incident response plan from a legal perspective, now is the time. We work with organisations ahead of incidents — reviewing their plans, identifying legal gaps and ensuring that the right frameworks are in place before they are needed.

Explore our Incident Preparation & Response advisory service →

Dealing with an incident right now?

Contact us immediately. We are available for urgent matters.