Cyber and information security

The way we do business has been transformed by data-driven technological advancements and remote working arrangements – with that, cyber attacks and the theft and misuse of personal and valuable commercial information have become increasingly prevalent. The regulatory landscape has begun to rapidly evolve as we move into an increasingly cyber future. It is important now more than ever for all businesses, big and small, to devote the necessary time and resources to understand and manage their data protection risks to avoid serious commercial and reputational damage, and potential legal liability for the business and board members or officers. We can help.

We have a unique partnership with leading cybersecurity and forensic IT specialists, enabling us to be your one-stop shop for all cyber and information security needs.

Our team of cyber and information security specialists advises clients at each stage of the data lifecycle – from proactive risk management to incident response and recovery.

From the outset, we work closely with our clients to identify and manage internal and external data privacy and security risks through legal documentation, establishment of appropriate board and management governance arrangements, policies and procedures, on-boarding arrangements and IT protection. This includes ensuring compliance with regulated and contractual cyber and information security requirements and having effective arrangements in place to manage cyber security supply chain risks and response plans in the event of a cyberattack or data breach.

Should a cyber incident or information breach occur our team will be right by your side to advise and assist you with response, damage mitigation, recovery and obtaining legal remedies.

• On-boarding advice
• Information security effective employment and consultancy contracts
• Data protection program development
• Development of policies including:
  • cyber and information security;
  • ICT and social media use;
  • privacy
• Cyber regulation compliance and governance including:
  • privacy and data breach response;
  • critical infrastructure and ransomware regulation;
  • corporations law and directors’ duties;
  • ASX requirements and reporting;
  • financial services and superannuation regulation
• Commercial contract information security terms and advice
• Non-disclosure agreements
• Cyber incident response and recovery advice
• Forensic investigation and data recovery
• Legal action to prevent misuse of information and recover loss

• Reviewing and advising on a cloud services agreement for an online retailer, including with respect to PCI-DSS compliance, data security, privacy and audit rights.
• We advised an international clothing retailer on privacy policy, data breach response and collection and use of Covid-19 vaccine status information.
• A national pharmacy group sought our advice on privacy policy, collection, and use of Covid-19 information and use of anti-fraud surveillance information.
• We advised a national retailer on ransomware attack and data breach of third party cloud based service provider including loss recovery and termination rights.
• We developed and delivered a data breach response plan for significant vertically integrated property group and advising on response to external data breach.

DMAW Lawyers is a member of the Cyber Alliance Group – a collaboration between DMAW Lawyers, Comunet and Digital Trace Australia to provide comprehensive cyber security advice and services to businesses.

DMAW Lawyers is also an active member of the Australian Cyber Collaboration Centre.