From 1 July 2026, an estimated 90,000 Australian businesses become reporting entities under Tranche 2 of the AML/CTF reforms. Most have been focused on the anti-money laundering obligations themselves. Far fewer have noticed what arrives at the same time: for most of these businesses, 1 July also marks the first time the Privacy Act 1988 (Cth) has ever applied to them.

While GenAI tools present opportunities for faster research and drafting, for example, they also introduce significant risks that Australian solicitors need to manage. Recent cases across multiple jurisdictions demonstrate the potential for serious consequences in the event of improper use of GenAI. This article examines these risks and provides practical guidance for law firm managers to implement appropriate safeguards and maintain professional standards within their law practice.

The Australian Government’s Digital ID Scheme is being expanded to encompass state governments and the private sector via a newTrusted Digital ID Framework. For law firms, Digital ID can streamline identification processes and reduce risks.

As Australia heads into 2025, sweeping reforms are transforming our digital landscape. The landmark Cyber Security Act 2024, alongside major privacy and Digital ID reforms, signals a significant overhaul of Australia's digital regulations. From mandatory ransomware payments reporting to enhanced privacy protections and a new Digital ID framework, these changes set clear expectations for how organisations handle cyber threats and personal information. With implementation deadlines approaching, businesses and government agencies face crucial decisions about compliance and digital security. Discover how these reforms will reshape Australia's digital future and what your organisation needs to know to prepare for the changes ahead.

The 2023 cyber incident affecting HWL Ebsworth was hardly the first data breach to have an impact on an Australian legal practice, but it was the largest and most devastating in terms of impact across individuals and sectors.

In October 2023 Law & Cyber was invited by the Parliamentary Joint Committee on Law Enforcement to file a submission on the capability of law enforcement to respond to cybercrime.

In the world of cyber risk, it’s often said that “humans are the weakest link,” which can be an exercise in blaming and shaming that is hardly helpful and puts a huge and unfair responsibility on individuals who may make a single, understandable mistake.

Data breaches at scale: implications of the Optus and Medibank breaches.

The recent spate of reported cyber-attacks is likely due to both increased frequency and greater reporting obligations under Australian law.

Business email compromise is an insidious and increasingly common means of fraud that poses a threat to any businesses, especially law firms, that act as trustees in large transactions.

A potentially costly ransomware attack on a major American law firm is a reminder for all firms to educate their employees about cyber risks at a time when more people are working during the COVID-19 crisis

Cybercrime is challenging organisations everywhere, with daily news stories about businesses, government organisations and even global IT companies that have been hacked. Law societies and insurers have been warning lawyers about cyber risk, in particular…

Conveyancers have been early adaptors of electronic conveyancing, which has been mandatory for all mainstream property transactions in NSW since 1 July 2019. With the commencement of this new era it is timely to consider the lessons that have been (and can still be) learned about cyber risk and resilience in conveyancing.

Cyber risk may be a modern phenomenon, but the old adage about an ounce of prevention being better than a pound of cure still applies.

Be proactive in understanding your practice’s cyber security profile – do not regard it as a ‘set and forget’ issue.

Our article by Simone featured in the Law Society Journal, December 2018. Click though to read the full article where Simone discusses the types of scams impacting legal practices, and how they actually work. She highlights possible dangers in outsourcing responsibility for cyber resilience to external IT consultants and, how do different insurance policies respond?

Podcast: Panel discussion on Cyber Security for lawyers, featuring Simone as one of the panellists.