I provide a range of free services for large UK based businesses and other organisations, to help them develop their incident response plans. As mentioned on the home page, these are incident response readiness assessments, ransomware and data extortion training, the incident response playbook and the retainer letter.

Regulatory action following a security breach is a real and foreseeable risk and can result in serious sanctions and penalties, including fines and changes to your license to operate. I have a very long track record of successfully helping organisations to navigate this minefield, as noted by the legal directories year after year. 

If your organisation has been hacked or suffered any other form of cybersecurity attack, I provide strategy, consulting and legal services to guide you through the response. This includes helping you to understand and set your strategic priorities and to mobilise your operational response.​

Data protection law provides people will various statutory rights, such as the right of access to information. These rights are often "weaponised" after a security breach as a fact-find and evidence gathering to support a compensation claim or litigation. I can advise you how to deal with this effectively and manage the process.

After an incident various reporting duties may arise, including under regulatory law and in contract. Communications may also be needed for a good quality operational response, or to assist law enforcement. I provide strategy and legal advice to help you fulfil your duties and minimise risk.

Compensation claims and litigation following a security breach are common, with group litigation and representative actions (sometimes called "class actions") increasing in frequency. I have a very long track record of success in advising and representing businesses and other organisations in defence of these claims.