Cyber

Our Cyber Hub advise clients across the full spectrum of preparedness, incident response and investigations.

The cyber threat continues to present a range of challenges to corporations. The threat is changing as cyber criminals look for new methods of attack, both through supply chains and using ever-evolving ransomware capabilities. The regulatory landscape is also developing, with new and amended cyber laws as well as the risk of increasing fines.

Our Cyber Hub has the multidisciplinary expertise and industry knowledge to advise clients across the full spectrum of preparedness, incident response and investigations. Our hub is made up of legal experts from our corporate, data privacy, digital and technology, dispute and investigations, financial services, financing, and IP teams. They have access to a network of cyber industry experts, regulator contacts and relationship firms across the world which means we can assemble a global team to tackle your cyber crisis, whatever your sector.

We help our clients understand and mitigate cyber risks, both in their business-as-usual operations, and when engaging in activities which raise specific cyber concerns. We build trust with senior stakeholders and create a roadmap to help prevent, and (where necessary) navigate a cyber attack, within each client’s own corporate risk appetite.

We help clients with:

  • Cyber preparedness: we develop cyber risk management frameworks to enable clients to assess their compliance with laws, regulation and best practice. Our hub helps clients to be prepared for cyber breaches, including preparedness checklists, tailored cyber response plans, running training for business functions, executive teams and Boards and coordinating attack simulation activities. 
  • Incident response: we work closely with clients to help them respond to a breach. This includes advising the Board, coordinating investigation of the breach and liaising with regulators and third parties. Ransomware attacks and supply chain breaches have kept our team particularly busy in recent times. We provide around the clock support to ensure the right decisions are made in a timely manner and provide a calm, measured response to a highly stressful situation.
  • Corporate governance: we advise clients on their reporting obligations around cyber and support GCs, Co-secs and others to ensure the Board and other executive stakeholders are aware of their cyber risk management and reporting responsibilities. This includes providing tailored training for legal and executive teams as well as the Board and NEDs.
  • Investigations and claims: we support our clients with all internal investigations following a cyber attack and provide strategic advice on any regulatory investigations and civil claims.

Key experience


We have advised:

Interserve

Interserve, a multinational distribution and outsourcing company, in respect of a ransomware attack affecting its UK and Irish operations and data subjects across multi-jurisdictions in Europe and the Middle East. We advised on the approach to the investigation, including liaising with forensic IT experts, preparing the regulatory notifications, responding to regulators’ questions and helping manage stakeholder communications.

Bupa

Bupa on aspects of its global data breach affecting 500,000 customers and involving regulatory enforcement action across approximately 60 jurisdictions. This included formal notifications to various regulators, and bringing urgent proceedings against individuals (known and unknown) responsible for the breach.

An international media and production company

An international media and production company, with HQs in the UK, Europe and the US, on their data breach preparedness. We are leading the coordination of cyber consultants and subject experts across each jurisdiction to build contingency plans and response playbooks, and to train senior management and others on their use in simulated incidents.

A multinational company in the defence sector

A multinational company in the defence sector on its response to a cyber attack which impacted its global operations. We provided advice from over 10+ jurisdictions across Europe, the Middle East, Africa and the US, coordinating at senior board and management level on its engagement with cyber criminals, addressing the question of ransom payment, and the investigations and regulator engagement following the attack.

The board of a major manufacturing group

The board of a major manufacturing group on directors’ duties and sanctions risks in relation to cyber security and ransomware scenarios. This is an example of the type of corporate governance and Board support that we provide to many of our major clients to help senior stakeholders understand their roles and responsibilities around cyber.

Key Contacts

Rob Sumroy
Rob Sumroy Partner
Jonathan Cotton
Jonathan Cotton Partner
Duncan Blaikie
Duncan Blaikie Partner
Nick Bonsall
Nick Bonsall Partner
Rebecca Cousin
Rebecca Cousin Partner
Natalie Donovan
Natalie Donovan PSL Counsel and Head of Knowledge Tech and Digital
Laura Houston
Laura Houston Partner
David Ives
David Ives Partner
Richard Jeens
Richard Jeens Partner
Andrew Jolly
Andrew Jolly Partner
David Shone
David Shone Partner
Smriti Sriram
Smriti Sriram Partner
Rob Sumroy
Jonathan Cotton
Duncan Blaikie
Nick Bonsall
Rebecca Cousin
Natalie Donovan
Laura Houston
David Ives
Richard Jeens
Andrew Jolly
David Shone
Smriti Sriram
Related insights
The Lens Newsletter - April 2024
The Lens Newsletter - March 2024
Change is afoot for Cyber Governance

View all our publications on Cyber