1. Expertise

Cyber Risk

One is a global, locally tailored, cyber risk solution

The potential reputational damage, operational disruption and financial exposure from a cyber incident can be significant. That’s why we’ve developed One. Our specialist team provides expert advice on how to address compliance risks, navigate crisis response, and respond to data protection and privacy issues across the full cyber lifecycle.

We can provide support whenever and wherever you need it to restore continuity and get you back to business as usual. We assist clients on all cyber and related issues, from breach readiness audits to breach response, and through to successful resolution.

One manages every aspect of cyber risk through Readiness to Response and Recovery.

Readiness - Boost your resilience and preparedness.

Response - Mitigate risk through decisive action following a cyber incident.

Recovery - Get back to business as quickly as possible.

Stronger Together. Facing down cyber risk.

Cyber Tabletop and Simulation Exercises

Cyber Tabletop and Simulation Exercises

Data mining

Data mining

Meet the breach coach

Meet the breach coach

Cyber Source

Cyber Source

Why choose Clyde & Co?

Having managed over 5,000 incidents globally, we know how to manage cyber risks. 

We are a law firm, but not your typical law firm. We have one of the largest dedicated cyber teams across our network of 60+ offices and offer a ‘follow-the-sun’ model, with our teams in different regions available to assist around the clock.

One brings together the best of Clyde & Co’s international experience, combined with a network of specialist partner cyber firms, adopting One approach, One standard and One process. We provide an unmatched platform of specialists delivering services in English and local languages wherever we operate under the One network.

In the event of a cyber incident, we would support you with a flexible suite of services, depending on the requirements, ranging from initial legal advice to providing a comprehensive breach response.

24/7/365 cyber incident response lines

Find out details about our dedicated cyber incident response lines.

Find out more Clyde One

Contact us

Client Case Studies

Cyber simulations - forewarned is forearmed

Cyber simulations - forewarned is forearmed

Fast fashion fraud

Fast fashion fraud

Cyber team helps global company retrieve stolen data

Cyber team helps global company retrieve stolen data

Crime doesn’t pay

Crime doesn’t pay

Our Cyber risk contacts

Helen Bourne

Partner

St Botolph Building
138 Houndsditch
London
EC3A 7AR
UK & Europe

Helen jointly leads the global cyber team and advises both insurers and corporate entities on a wide range of cyber risk matters including incident response. She works closely with the global team on cross-jurisdictional incidents and has significant experience dealing with data protection regulators, including coordinating EU wide regulatory investigations.

+44 (0) 20 7876 5000 View details

John Moran

Partner

Clyde & Co
Level 15,
333 George Street
Sydney
NSW 2000
Asia Pacific

John is a recognised leader in cyber risk and incident response space and jointly leads the global cyber team. John manages Australia’s leading cyber incident response teams and his team have advised on over 700 cyber incidents in recent times, including on some of the most high profile and complex incidents, both locally and globally.

+61 2 9210 4974 View details

Ian Birdsey

Partner

St Botolph Building
138 Houndsditch
London
EC3A 7AR
UK & Europe

Ian advises corporate and insurer clients on managing domestic and international cyber incidents and data breaches, claims and recovery actions, regulatory investigations and subsequent litigation including group claims. Ian jointly leads the global cyber team and assists clients to improve their overall cyber resilience through a range of pre-breach services such as cyber simulations.

+44 20 7876 6272 View details

Cyber Summit 2024

Watch the highlight reel, read the report, download the Under The Hood Guide and check out the photos from the day here.

Read More
View all Cyber Risk Insights

Our Cyber Risk Work

  • All
  • Africa
  • Asia Pacific
  • Middle East
  • North America
  • UK & Europe

  • Acting as GDPR Counsel following a data breach

    The breach which necessitated notice to all 28 EU supervisory authorities and involved managing a number of regulatory investigations across the EU.

    United Kingdom

    Acting for a larges water distributor-retailers in in relation to its incident response

    Acting for one of the largest water distributor-retailers in Australia in relation to its incident response following a high value, major technology supply chain failure which had the potential to impact services to over 1.5 million customers.

    Australia

    Acting for a major logistics provider in relation to lost employee data

    This included negotiations with the ICO and dealing with employment law implications and customer communications.

    United Kingdom

    Acting on the instructions of a multi-national insurer as local breach counsel

    Acting on the instructions of a multi-national insurer as local breach counsel in respect of a fraudulent payment scheme involving suspected social engineering under its South Africa cyber policy.

    South Africa

    Advising a financial institution following a personal data breach incident

    Advising a financial institution in Singapore following a personal data breach incident involving unauthorised emails sent from the computer system of a third party service provider to the customers of the financial institution.

    Singapore

    Advising a government agency on contracting risks

    Advising a local New Zealand government agency on cloud services contracting risks including cross-border data breach reporting obligations.

    New Zealand

    Advising a government company on adjustments to its terms and conditions

    Advising a Saudi government company on adjustments to its terms and conditions to address cyber risk and liability.

    Saudi Arabia

    Advising a government entity on the outsourcing of services

    Advising a government entity in Oman on the outsourcing of services to a third party operator to support the establishment of a national cybersecurity operations centre

    Oman

    Advising a regulated business on the cyber hacking of its systems

    This resulted in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details.

    United Kingdom

    Advising in relation to a high profile claim involving the breach of personal data

    Advising in relation to a high profile claim in Hong Kong involving the breach of personal data privacy laws, the first large-scale contactless smartcard payment system in Hong Kong, including defence of investigations by the PCPD.

    Hong Kong

  • Acting on the instructions of a multi-national insurer as local breach counsel

    Acting on the instructions of a multi-national insurer as local breach counsel in respect of a fraudulent payment scheme involving suspected social engineering under its South Africa cyber policy.

    South Africa

  • Assisting a nationwide business following a ransomware attack

    Assisting a nationwide fuel trucking business following a ransomware attack infecting multiple servers which resulted in the potential inability to provide fuel to a number of the largest transport operators in Australia.

    Australia

    Acting for a larges water distributor-retailers in in relation to its incident response

    Acting for one of the largest water distributor-retailers in Australia in relation to its incident response following a high value, major technology supply chain failure which had the potential to impact services to over 1.5 million customers.

    Australia

    Advising in relation to a high profile claim involving the breach of personal data

    Advising in relation to a high profile claim in Hong Kong involving the breach of personal data privacy laws, the first large-scale contactless smartcard payment system in Hong Kong, including defence of investigations by the PCPD.

    Hong Kong

    Advising a government agency on contracting risks

    Advising a local New Zealand government agency on cloud services contracting risks including cross-border data breach reporting obligations.

    New Zealand

    Advising a financial institution following a personal data breach incident

    Advising a financial institution in Singapore following a personal data breach incident involving unauthorised emails sent from the computer system of a third party service provider to the customers of the financial institution.

    Singapore

  • Advising a government entity on the outsourcing of services

    Advising a government entity in Oman on the outsourcing of services to a third party operator to support the establishment of a national cybersecurity operations centre

    Oman

    Advising a government company on adjustments to its terms and conditions

    Advising a Saudi government company on adjustments to its terms and conditions to address cyber risk and liability.

    Saudi Arabia

  • Advising on cybersecurity risk mitigation

    Advising companies on their cybersecurity posture and risk management techniques.

    United States

    Litigating cyber claims

    Litigating claims arising out of negligent cybersecurity and data maintenance, and data privacy claims.

    United States

    Developing cyber incident response plans

    Development and drafting of cyber incident response plans for clients, including employee education presentations.  

    United States

    Advising clients on cryptocurrency risk management

    Advising policyholders and insurance industry participants on the risks presented by the possession of cryptocurrency and suggested mitigation strategies.

     

    United States

    Developing cyber insurance products

    Development and drafting of cyber insurance policies for insurance companies.  

    United States

    Litigating data breach claims

    Representing insurers in insurance coverage litigation arising under cyber insurance policies.

    United States

    Litigating cyber insurance claims

    Litigating a claim against a vendor that suffered a data breach leading to business interruption losses by our client.

    United States

  • Acting for a major logistics provider in relation to lost employee data

    This included negotiations with the ICO and dealing with employment law implications and customer communications.

    United Kingdom

    Advising a regulated business on the cyber hacking of its systems

    This resulted in the loss of significant numbers of customer data including financial, sensitive personal data and credit card details.

    United Kingdom

    Advising UK and European clients in relation to fraudulent wire transfers following O365 compromise

    Advice extended in one case to any potential recovery of the misdirected funds and in another, to defence of contractual claims in circumstances where the client owed outstanding sums as a result of the fraud.

    United Kingdom

    Acting as GDPR Counsel following a data breach

    The breach which necessitated notice to all 28 EU supervisory authorities and involved managing a number of regulatory investigations across the EU.

    United Kingdom

    Representing a private bank following the theft of credit and payment card details by an employee

    Including managing the internal investigation and dealing with the ICO, Financial Conduct Authority and the Prudential Regulation Authority.

    United Kingdom

    Managing an international data breach for a financial services client

    This was following a multi-million dollar payment diversion fraud including notifying regulators and clients in dozens of different jurisdictions and settling the claim by the defrauded customer.

    United Kingdom

Our Cyber Risk team

Lee Astfalck
Lee Astfalck

Partner

Mark Beswetherick
Mark Beswetherick

Partner

Ian Birdsey
Ian Birdsey

Partner

Helen Bourne
Helen Bourne

Partner

Nathalie David
Nathalie David

Partner

John Moran
John Moran

Partner

Simon McConnell
Simon McConnell

Partner & Chair of APAC

Reshana Pillay
Reshana Pillay

Partner

Ian Roberts
Ian Roberts

Partner

Dr. Henning Schaloske
Dr. Henning Schaloske

Partner

Show more
View all Cyber Risk partners

Show more

Our global Sports Law expertise

Read more