Andrew Miers is a leading specialist in cyber security and cyber incident response, and broader online content, digital and technology risks.
Andrew advises clients on the ever-evolving area of cyber risk. He helps clients respond to and prepare for cyber incidents, with experience ranging from large and complex ransomware incidents through to small data breaches. He assists clients navigate the legal, regulatory, strategic and practical aspects of a cyber incident, including claims and liabilities that arise post-breach. Andrew also advises on cyber insurance policies and coverage.
Andrew is a sought after industry speaker and widely published thought leader on cyber. He was named in 2021 as one of Australasian Lawyer’s inaugural 5-Star Cyber Lawyers. Andrew also practices in media and technology liability, either directly for government and corporate clients or for their insurers. He has acted in matters involving defamation, social media and other online content, privacy, intellectual property infringement and IT service provider claims.
Expertise
Experience
- A financial services and credit licensee Advising in relation to a ransomware attack involving exfiltration and encryption of data, and significant disruption to systems and business, including advice on threat actor engagement and sanctions, notification to the OAIC and ASIC reporting as an AFSL and credit licensee.
- A payroll software provider Advising in a ransomware attack requiring notification of over 80,000 individuals, including complex data review, engagement with corporate customers, coordinating multi-party data breach obligations, engagement with OAIC and ATO and resolving third party liability claims.
- A charitable community services organisation Responding to a ransomware attack involving access to unstructured sensitive personal data including forensic investigation, data review and harm assessment, data breach notification, media management and engaging identity theft counselling services.
- A professional services firm Advising on cyber incident response planning, cyber insurance and ransomware payment considerations tailored to a professional services environment.
- An insurance broking firm Acting in a cyber incident response simulation and advising on legal and strategic issues arising, followed by advising the same company in a live incident a few months later.
- An aged care provider Advising in response to a ransomware attack on its external cloud data holder, including large data review and data breach notification, managing process of notifications to individuals, and incoming calls and complaints.
- Numerous medical practitioners Advising in relation to defamation claims by other doctors, and in relation to adverse online reviews posted by disgruntled patients and defamatory media articles.
- Numerous insurers Advising on insurance coverage issues arising under cyber insurance policies including business interruption losses, claims for remediation costs, social engineering losses and ‘silent cyber’ exposures under traditional insurance policies.
