Cybercrime is a significant and growing threat to Australian businesses, with incidents becoming more frequent and sophisticated. Regulatory scrutiny on protective measures is also increasing. A data breach can cause severe reputational, financial, and legal damage. Understanding cybersecurity and privacy law is crucial to protect your business and clients from these threats.

How we help

W+K’s expert team navigates the complex legal landscape of cybersecurity compliance and privacy laws, focusing on your business needs. We provide advice and support to manage privacy, data, and technology risks, optimise outcomes, ensure compliance, and limit exposure in the event of a cyber incident.

Our specialist lawyers have extensive experience handling cyber incidents, including data breaches and email hacking. We’ve managed hundreds of claims, including some of Australia’s largest and most complex incidents.

With over 20 dedicated cyber and technology lawyers in Australia and New Zealand, and relationships with global firms, we offer unmatched expertise and support.


Comprehensive analysis and tailored solutions to mitigate security threats and ensure privacy compliance.

Proactive protection

We help you prepare for and respond to cyber incidents with a three-stage management solution:

  1. Incident triage: 24/7 cyber incident response hotline, with one-hour response time.
  2. Incident response: Initial report within 24 hours on priority workstreams and next steps with incident management.
  3. Incident investigation and resolution: Manage investigations, coordinate third parties, support client communications, and advise on regulatory issues.


Immediate, effective response to cyber incidents to minimise impact and avoid litigation.

Safeguard your data

We advise on data lifecycle management, privacy compliance, and technology transactions. We develop data policies, conduct privacy audits, and ensure regulatory alignment. Our training sessions upskill your team on critical topics.


Expert guidance through technology-related lawsuits, coverage advice, and class action defense.

Legal defence

Our team helps you defend against claims and class actions and respond to regulatory investigations and proceedings. We manage litigation to achieve the best commercial outcomes. Our dual approach combines litigation management and industry-specific expertise.

Comprehensive Cyber Regulatory and Corporate Advisory

We work closely with our class actions and corporate advisory team led by litigator Amanda Beattie, offering our clients a holistic solution. This combined expertise ensures optimal outcomes for our clients in cyber-related class actions and regulatory matters. We are dedicated to helping our clients protect their business, manage risks, and navigate the complexities of cybersecurity and technology law, while also offering comprehensive regulatory and corporate advisory solutions.

Kieran Doyle
Head of Cyber & Technology, Sydney
P: +61 2 8273 9828

A dedicated 24/7 cyber incident response hotline

AUSTRALIA: 1800 316 706
NEW ZEALAND: 0800 9525 2467
INTERNATIONAL: +64 9 600 5570

We operate a cyber incident response hotline that is monitored 24/7 by our dedicated team of breach response lawyers. By using a lawyer as an incident manager, we can immediately protect key reports and other sensitive communications with your customer and other vendors under legal professional privilege.

Recent work

Acting for organisations in instances of brute force, phishing and Office 365 compromises involving the compromise of data records, requiring potential mandatory notification, handling sensitive communications to customers, and managing reputational risks.

Advising insurers and their clients on coverage for first party hacker damage after claims made by small to medium accountancy firms that had files encrypted with ransomware / crypto-locker viruses.

Leading the response to allegations against a large New Zealand technology company in a major data security breach affecting over 1,000 customers. This included coordinating the forensic and PR response and addressing third party contract claims.

Social engineering, phishing and spear phishing attacks against businesses large and small, including where a supplier or manager is impersonated and the business is fooled into paying money to a fraudulent third party.