You are here

Cyber risk advisory

Legal, technical and commercial expertise to keep your business cyber secure

Share

At Herbert Smith Freehills, we understand that managing cyber risk is one of the highest priorities for our clients. This is why we have built a dedicated cyber practice to provide 360-degree cyber risk management and incident response services. 

Whether your challenge relates to ransomware, cyber extortion, corporate espionage, inadvertent disclosure, advanced persistent threat, or something else – we have the subject matter expertise to assist you.  With a ‘follow the sun’ model, 26 offices worldwide and an established network of trusted best-friend firms, our teams can provide assistance wherever and whenever you need it.  Our practice brings together subject matter expertise across data privacy, insurance, regulatory, compliance, corporate governance, disputes and more to provide a complete end-to-end service for your needs.  Our multi-disciplinary team have backgrounds in IT, forensics and cyber security, and can “speak the same language” as your technical teams.

Leading multinationals turn to us as their trusted advisers across the full cyber risk management lifecycle. We can help you with all your cyber security needs, including:

Our risk management and advisory services include developing incident response plans, delivering cyber incident simulations, advising Boards, reviewing policies and procedures, and uplifting overall cyber resilience.

We offer 24/7/365 cyber incident response standby retainers.  We recognise that one size does not fit all when it comes to cyber.  We tailor our services to fit exactly what you need, are independent and can work with any forensic, IT or other providers of your choosing.  Should an incident occur, we are your trusted crisis management advisers.  Our experts can provide bespoke advice to guide you through the incident and its aftermath, including working with you to manage ransomware negotiations, media and communications strategies, law enforcement and regulator engagement, supplier and customer disputes, realising insurance recoveries, class actions and more.

Our 350+ strong global team of data and technology specialists can provide the full suite of data breach analytics services,  including processing, analysis, analytics and hosting services, to get to the heart of compromised data and to understand the issues it presents.

SUBSCRIBE TO OUR CYBER AND DATA SECURITY BLOG

Recent Experience

COLES

Assisting on privacy law reform, big data analytics, loyalty programs, privacy training, regulatory investigations, direct marketing and targeted advertising across multiple channels including email, web, social media and mobile apps.

PAGEUP PEOPLE

Assisting in relation to all aspects of its data breach involving customer information, including liaising with regulators in four countries, advising the board, preparing external communications and reviewing relevant agreements.  

A global financial services company

We are appointed as the sole APAC and EMEA cyber security counsel to a global financial services company to assist in managing cyber security risks and incidents across 26 countries.

A MULTINATIONAL ENERGY COMPANY

We are the preferred cyber security legal counsel to an energy multinational, advising globally.

a global company

We acted for a global company in relation to incident response following the inadvertent disclosure of the entirety of its global HR database to an unrelated third party by one of its cloud service providers. The incident affected employees in multiple jurisdictions across Australasia, Europe and the Americas. Herbert Smith Freehills London coordinated the global response (engaging local counsel where required). 

A GLOBAL INVESTMENT BANK

We advised a global investment bank in relation to a cyber security incident which saw US$40 million taken from a number of accounts, including reporting to and subsequent liaison with the relevant regulators, and on litigation by the account holders seeking to recover their losses from the bank. 

Insights and updates

25th November 2022
Building a robust data governance and privacy compliance regime requires strategic planning and meaningful business...
22nd August 2022
Like all forms of insurance, the cover actually provided by policies which might be thought...
5th October 2022
Recent amendments to the Security of Critical Infrastructure Act 2018 (“the Act”) constitute some of...
5th May 2022
Our technology disputes practitioners have recently published a Q&A in Practical Law on Disputes in...

Our People