Joseph, who has worked in both New Zealand and the UK, advises large sporting, health, education and infrastructure bodies as well as SME and non-profit entities on cyber and data security risks. He takes a proactive and commercial approach to addressing issues such as incident response, cyber insurance coverage, data privacy and data protection.

Joseph’s recent experience in London included advising on the full range of cyber and data incidents, spanning data breaches, network compromises, malware and ransomware infections, and various bank and payment frauds. He also advised on several large-scale GDPR readiness projects and the development of cyber incident response plans.

Beyond his cyber and data security experience, Joseph advises on the full range of professional indemnity and insurance claims. His experience includes defence and coverage instructions for a range of professionals including builders, architects, solicitors, accountants and financial advisors, as well as tech PI and E&O disputes.

Cyber, Privacy + Data Security

  • Advising an elite sporting institution following its suspicion of network compromise. Further investigation using IT forensics revealed an extensive network compromise and data exfiltration. This matter involved analysing the compromised data and notifying relevant regulators and data subjects, and advising on the subsequent media attention. No fines or compensation claims were incurred.
  • Advising a national health institution following the theft of more than 200 hard-drives containing patient data. This matter involved conducting an investigation with IT forensics, preparing notifications to relevant regulatory bodies and affected third parties, and advising on media strategy and holding statements. The investigation concluded that data would not be accessible from the hard drives and that further notification was unnecessary.
  • Advising a sporting body after it received a threat of cyber interference with a televised sports event. This matter involved liaising with law enforcement in the UK and overseas, identifying the likely threat vector from the malicious third party’s correspondence, and instructing foreign counsel to obtain injunction against the ISP in relevant overseas jurisdictions. The event proceeded successfully.
  • Advising on a cyber insurance policy following extensive malware infection at an insured bank, which led to extensive remediation works. This included advising on wording issues, analysing invoices for technical work conducted, and managing settlement discussions with the insured.
  • Conducting extensive GDPR “gap analysis” exercise for a major shipping institution, which consisted of 20 interviews with key figures and a review of policies. Joseph drafted the full suite of privacy and data protection policies and documentation, which have been implemented across the organisation internationally.


  • Acting for an insured firm of architects in defending a negligence claim concerning restoration and re-purposing of historical building. Claim settled at mediation for fraction of initial claim.
  • Acting for an insured IT services provider in a dispute with its client regarding a transformation project that was delayed following a network compromise at the client. Investigations revealed the compromise was caused by an employee of the insured. The matter was successfully settled.
  • Acting for a group of claimants defrauded by their personal financial advisor. Claims were made against the financial advisor in their personal capacity and other associated parties, including pension trustee, administrator and the personal financial advisor’s employer.
  • Advising a client under investigation by the London Metropolitan Police and various regulatory bodies on alleged anti-money laundering and financing terrorism offences.
Areas of Expertise
  • Cyber, Privacy + Data Security
  • Professional Liability
  • Property – Commercial
  • Technology Liability

Industry Representation
  • Technology + Cyber
  • Healthcare + Life Sciences
  • Professions + Business Services
  • Small Medium Enterprises (SMEs)
  • Sports, Leisure + Entertainment