cyber security consultants

Cyber security consultants

HomeIndustry expertiseCyber security consultants

At Dundas Lawyers®, we provide comprehensive legal services tailored to cyber security consultants, supporting their businesses across commercial, regulatory and risk-related matters. We work with cyber security consultants to help them manage legal obligations, protect their interests and operate with confidence, including advising on governance, risk management and compliance (GRC) requirements where relevant.

Uncommon Nous® for cyber security consultants

Dundas Lawyers® has an Uncommon domain expertise for cyber security consultants, having achieved the gold level of the SMB1001 cyber security standard.

SMB1001 is a multi-tiered cyber security certification standard for small and medium-sized businesses. It is produced by Dynamic Standards International (DSI) and updated every year to keep pace with the fast-changing cyber environment.

SMB1001 gold level certification requires businesses to implement twenty-three (23) controls across five (5) domains:

  • technology management;
  • access management;
  • backup and recovery;
  • policies, processes and plans; and
  • education and training.

Our services for cyber security consultants

Dundas Lawyers® services for cyber security consultants include, but are not limited to, assisting with:

  • commercial and technology contracts, including consulting agreements and risk allocation;
  • privacy, data protection and confidentiality obligations;
  • regulatory compliance and engagement with regulators;
  • GRC and standards-aligned legal advice (SMB1001, ISO 27001);
  • incident and data breach response from a legal perspective; and
  • dispute prevention, liability management and regulatory enforcement matters.

Why choose Dundas Lawyers®?

Having exerted Blood Sweat and Years® since April 2010 we are the team you want on your side for the long term to act as the ‘bodyguard’ for your business in cyber security consultancy.  Some of the reasons clients choose Dundas Lawyers® include:

  • our Uncommon business acumen;
  • our Uncommon expertise in transactional, compliance and litigious matters;
  • our Uncommon expertise in forensic case preparation;
  • our Uncommon customer focus;
  • the fact that we don’t just know law, we know business!;
  • how we leverage our Uncommon Nous® to provide client-centric solutions.

Considering getting a lawyer to advise your business?

For a confidential, no-obligation initial telephone call to find out how we can help your business gain an uncommon advantage in cyber security consultancy, please phone our team on either 1300 386 529 or 07 3221 0013.

Recent insights for cyber security consultants

  • Dundas Lawyers achieves SMB1001 gold level cyber security certification

    Dundas Lawyers achieves SMB1001 gold level cyber security certification

    On 14 November 2025 Dundas Lawyers achieved the Gold level of the SMB1001 cybersecurity standard.

    Read more …

  • Aust Clinical Labs fined $5.8mil for failing to report data breach

    Aust Clinical Labs fined $5.8mil for failing to report data breach

    On 8 October 2025, the Federal Court published the judgement of Justice Halley in the case of Australian Information Commissioner v Australian Clinical Labs Limited (No 2) [2025] FCA 1224 (AIC v ACL).  Australian Clinical Labs Limited (ACL) was ordered to pay $5.8 million in civil penalties in relation to a 2022 data breach.  This…

    Read more …

  • Australians soon facing age checks when viewing adult websites

    Australians soon facing age checks when viewing adult websites

    On 9 September 2025, the eSafety Commissioner, Mrs Julie Inman Grant (Commissioner), registered six (6) new codes (New Codes) under the Online Safety Act 2021(Cth) (Online Safety Act) aimed at protecting children from the “clear and present” dangers of harmful AI chatbots and other online adult content.  On 9 March 2026, these New Codes will…

    Read more …

  • Ransomware payment reporting obligations

    Ransomware payment reporting obligations

    A “Ransomware Attack” is a cyber security breach in which a malicious actor gains unauthorised access to a computer system or network and then encrypts, exfiltrates, or otherwise compromises data or functionality.[1]  Ransomware Attacks have become increasingly sophisticated, financially motivated, and disruptive across all sectors, prompting legislative intervention to regulate responses and improve national cyber…

    Read more …

  • Federal parliament enacts cyber security legislation

    Federal parliament enacts cyber security legislation

    On 25 November 2024, the Australian Parliament passed a suite of legislation, collectively referred to by the Australian Government as the Cyber Security Legislative Package 2024.  The purported impetus for this legislation was a series of high-profile data breaches in 2022 and 2023.

    Read more …

  • The Digital ID Bill 2023 (Cth) – key points

    The Digital ID Bill 2023 (Cth) – key points

    On 30 November 2023, the Digital ID Bill 2023 (Cth) and the Digital ID (Transitional and Consequential Provisions) Bill 2023 (Digital ID Bills) were introduced in the Australian Senate.  Digital IDs are designed to provide individuals with a convenient way to verify their identity when completing certain online transactions and dealing with government and certain…

    Read more …

  • Misinformation and Disinformation Bill 2023 – draft insights

    Misinformation and Disinformation Bill 2023 – draft insights

    The Communications Legislation Amendment (Combatting Misinformation and Disinformation) Bill 2023 (Cth) (Misinformation Bill) was announced by the Department of Infrastructure, Transport, Regional Development, Communication and the Arts (DITRDCA) in January 2023.  The Misinformation Bill is aimed at restricting the flow of misinformation and disinformation by providing the Australian Communications and Media Authority (ACMA) with increased…

    Read more …

  • What are adequate cybersecurity measures?

    What are adequate cybersecurity measures?

    The adequacy of cyber security measures was considered in the case of Australian Securities and Investments Commission v RI Advice Group Pty Ltd [2022] FCA 496 (ASIC v Ri Advice Group).  One of the issues raised was whether the respondent had adequate cyber security and cyber resilience in place across its network of financial advisors. …

    Read more …

  • Introduction of cryptocurrency and hacking offences to Parliament

    Introduction of cryptocurrency and hacking offences to Parliament

    The Crimes Legislation Amendment (Ransomware Action Plan) Bill 2022 is set to revolutionize the way cybercrime is prosecuted. Learn more about the changes it brings and the implications they have.

    Read more …

Recent Federal Court decisions regarding cyber security consultants

  • Australian Information Commissioner v Australian Clinical Labs Ltd (No 2) [2025] FCA 1224

    PRIVACY ACT – Where an APP entity breached Australian Privacy Principle (APP) 11.1 of the Privacy Act 1988 (Cth) (Act) by failing to take reasonable steps to protect personal information from unauthorised access or disclosure – what constitutes “reasonable steps” – where an APP entity interfered with the privacy of 223,000 individuals under s 13(1)…

  • Singtel Optus Pty Ltd v Robertson [2024] FCAFC 58

    PRIVILEGE – legal professional privilege – third party report – investigation into cyber-attack – whether the report was created for the dominant purpose of legal advice – multiple purposes for commissioning report – unchallenged evidence – adverse inference – failure to adduce specific and focused evidence – time for assessing dominant purpose PRACTICE AND PROCEDURE…

  • Khan v Google LLC [2023] FCA 785

    Leave to proceed granted in Federal Court of Australia on application served outside Australia. Court orders preliminary discovery on more confined terms than those initially sought.

Send this to a friend