Cyber Risk
Anthony advises clients on cyber security, data protection and privacy matters.
Regional experience
Full Profile
Anthony’s role as a specialist in cyber security management encompasses a broad spectrum of responsibilities, from developing crisis response strategies and engaging with regulators to addressing data protection issues throughout the entire cyber incident lifecycle.
He is a pivotal figure in Clyde & Co's New Zealand operations, having served as the lead data protection advisor on some of the most significant breaches in New Zealand and the APAC region. His efforts are instrumental in shaping the firm’s offerings in these areas.
Anthony retains global experience, with a strong background in advising on e-commerce, telecommunications, privacy, and data security regulations across different continents. While in Sydney, he focused on Australian privacy and data security frameworks; in London, he navigated European data protection regimes and compliance programs. In New Zealand, he specialises in data protection and privacy compliance, safeguarding health, financial, and commercial data, and managing significant public sector and corporate matters related to these areas.
Anthony excels in implementing robust technical and operational solutions at the enterprise level. He has led responses to numerous cybersecurity incidents, including high-profile data breaches and complex cases of ransomware and business interruption.
Anthony also played a role in aligning New Zealand's privacy legislation with international standards, specifically the ISO/IEC 27701. Further, his qualifications span multiple jurisdictions, holding legal qualifications in both Australia and New Zealand, and he is a Certified Information Privacy Professional in Europe. Additionally, Anthony holds a Practitioner Certificate in Data Protection (UK) and contributes to numerous publications, including guidance for One Trust Guidance.
Experience
Anthony's experience includes:
- Managing business-critical issues and data breaches, responding to regulators, and advising on compliance with conflicting data protection laws in multiple jurisdictions.
- Incident response management and vendor coordination.
- Ransomware response and recovery.
- Data breach assessment and notification, including coordination of global and multi-party data breaches.