Cyber & Data Security

The cyber insurance industry has grown rapidly in response to the increasingly digital global business landscape. More and more businesses are providing services online and storing sensitive data in the cloud, increasing their exposure to cyber breaches and associated business interruption and customer liability claims. The World Economic Forum has rated cyber attacks among the top five risks globally.

We are one of a select few law firms in Australia and New Zealand chosen by our clients to be a breach coach for their insured customers. Our team, led by Mark Anderson, Patrick Boardman and Andrew Moore, have provided assistance to a wide range of customers since 2014, ranging from small to medium enterprises to large multinational corporations.

We draft and advise insurers on data breaches, policy wordings and proactively support their customers in organising immediate and effective responses to suspected breaches and cyber threats, evaluating data and cyber exposures. This involves a close partnership with a select group of cyber specialists retained to:

• assess losses in more than 70 countries globally,
• helps get organisations ‘cyber ready’,
• mitigates potential risks,
• respond immediately and appropriately in the event of a cyber incident, including where possible restoration of data,
• conduct robust post-incident security reviews, and
• manage and draft crisis communications.

We also assist in the management of regulatory investigations, class action litigation and handling consumer complaints.

Some of our recent Cyber Risk experience includes:

  • Advising both insurers and insureds in relation to cover for first party hacker damage claims made by small to medium accountancy firms who had files encrypted with ransom ware / crypto locker viruses.
  • Investigating a possible subrogated recovery action for an insurer against a cloud provider in relation to the release of a crypto locker virus to its insured.
  • Advising on, and drafting of, appropriate cyber policy wordings for a number of insurers.
    Advising insurers on indemnity and liability in relation to claims against financial planners, FX trading platforms, stockbrokers and other service providers involving cyber fraud on client funds while also considering double insurance issues.
  • Advising an insurer in relation to policy coverage under a software developer’s professional indemnity policy regarding the failure of a multi million dollar software implementation project for the Victorian Government’s infringement notice system.
  • Advising the directors and senior managers of a newly listed ASX computer software company in relation to their directors’ duties, including their obligations under the Privacy Act and the Australian Privacy Principles.
  • Acting for a software developer and supplier in relation to inadvertent disclosure of its clients’ confidential price information.