Wotton Kearney’s rapidly growing national cyber team has been named in Australasian Lawyer’s inaugural list of 5-Star Cyber Law Firms released today. Our Head of Cyber, Privacy and Tech Liability Kieran Doyle is also listed as a 5-Star Cyber Lawyer for 2021 following research to identify the best in Australia’s cyber law market.

Australasian Lawyer’s 5-Star Cyber Law Firms and Lawyers list highlights the 40 lawyers and 27 law firms that have risen to the occasion as cyber law takes off. These legal talents stayed on the pulse of the market’s needs, and were well placed to tackle the novel challenges the new normal has created.

Kieran also talked to Australasian Lawyer as part of their feature awards report on the expanding cyber threat landscape as a result of the pandemic and the need for laws to evolve “at pace” with cyber challenges, including “incentivising businesses, particularly small businesses, to improve their cyber and data hygiene”. You can read Kieran’s comments below and the full 5-Star Cyber Law Firm report here.

For more on W+K’s Cyber, Privacy and Tech Liability services and team, click here.

The cyber law evolution

While demand for cyber law advice was already growing prior to COVID-19, the pandemic drove up the success rate of cyber attacks, driving demand up even more. Wotton Kearney cyber team leader Kieran Doyle points out that working from home has expanded the attack surface for cyberattackers.

“We have seen a greater vulnerability landscape as businesses began working from home almost immediately. Remote working has created a larger attack surface as people log into the office from home, either adding a vulnerable home network as a gateway into the work environment or hastily put-together remote working with open remote working ports left vulnerable to attack,” he says.

Cyberattackers have also been capitalising on the volatile atmosphere created by the pandemic.

“It’s not like the threat actors have doubled in numbers since the pandemic began. However, what we have seen is more successful attacks than we did before, leveraging off the feeling of uncertainty and perhaps more realistic phishing attacks using people’s thirst for COVID-19 information to their advantage,” Doyle says. Thus, he calls for law firms to “evolve with the continuing threat landscape”.

“Security of systems is now a vital part of operations for all law firms, and you certainly can’t remain static,” says Doyle.

Common cyber law concerns

In the current environment, both large and small organisations have been increasingly victimised in ransomware attacks – something law firms have not been able to avoid.

“Ransomware has increased in prevalence during the last 18 months – attacks against big and small businesses,” Doyle says. “You could say that this is the second pandemic of the last 18 months, which the government and opposition are now looking to address.”

Legislative developments

As the profile of cyber law increases further moving forward, legislation is looking to catch up.

Doyle believes that the law will evolve “at pace” with cyber challenges. “I am particularly keen to see some amendments to the Privacy Act to ensure the notification laws are made much clearer and fairer,” he says.

“I am also keen to ensure there is a balance to any refresh in cyber law. There is a lot of talk about enforcement and strict liability; however, I would really like to see the focus of any new laws to be on incentivising businesses, particularly small businesses, to improve their cyber and data hygiene”.

Doyle explained that it is not greater enforcement that stops cyber attackers, but rather, a strong defence and recovery strategy.

“Preparing business to be better equipped to repel and detect attacks and be able to bounce back quickly from them with minimal data and financial loss should be the focus, rather than punishment for experiencing an incident that is often unavoidable,” he says.