Our Practice

Cyber and data security risk is high up the corporate agenda in the light of many recent high-profile incidents.

Our team of cybersecurity specialists can advise on the legal and regulatory requirements surrounding cybersecurity preparedness and cybersecurity breaches. This includes managing and advising on litigation risk, including taking conduct in issued proceedings. Our team spans our own offices in Europe, the Middle East and Asia, as well as a network of correspondent firms such that we can provide global coverage and a seamless service. Our experience includes advising clients on:

  • information / cybersecurity policies and procedures and incident management plans
  • dealing with the investigation into and handling of a cybersecurity or data security incident
  • drafting and negotiating cyber and data security provisions in contracts
  • contracts for the provision of security related systems and services including firewall and monitoring systems and security testing services
  • dealing with IP and information theft
  • managing and advising on litigation and reputational risk arising out of a cybersecurity or data security incident, including taking conduct in issued proceedings.


Our experience includes

  • advising a life science research company and a medical device company on information security planning, including the information security policy, data protection policy, knowledge management policy, and “Bring-Your-Own-Device” policy
  • advising a major financial institution in relation to the identification and recovery of funds fraudulently transferred into Turkey as a result of a cybersecurity breach at a client of the bank
  • defending a major financial institution against threatened claims by a client of the bank following a cyber-attack on the client’s account
  • advising a large international bank on its information security policy (containing “Bring-Your-Own-Device” policy) covering mainland China, Hong Kong, Japan and Singapore
  • advising a major insurance company on the implementation of data loss prevention technology
  • an international Investment Bank on the recent FCA/PRA survey of financial institutions’ cybersecurity systems and procedures
  • one of the world’s biggest suppliers of hardware and software supporting telecoms networks on cybersecurity issues on a retained basis with global coverage
  • working with an international investment bank on its risk management process in relation to the use by third party technology providers of Open Source Software
  • advising a well-known brokerage in relation to an SFC investigation, which arose as a result of a client’s personal email account being hacked and money being stolen. The investigation focussed upon the systems and controls in place to prevent unauthorised transactions and developed into scrutiny of its anti-money laundering systems
  • acting as breach response manager for an international insurer
  • advising a UK Government department on a major data security incident resulting from a contractor failure. The incident was the subject of press coverage and questions to the Prime Minister
  • advising a representative of a large broker’s firm against criminal allegation of betrayal of business secrets
  • advising an international insurer on a case involving information extortion by external “PR advisors” who had detected cases of non-compliance with supervisory law
  • assisting several clients to react urgently when software and data have been stolen or misused by former staff, including by obtaining a range of interim injunction relief measures
  • acting for a manufacturer of flash memory drives in its dispute with a business services software provider.