In our digitally-reliant and data-saturated world, the intersection between the law and cyber security has never been more important – it is a space where operational and legal risks truly converge. From ensuring compliance with complex regulatory regimes to providing support and advice when responding to significant cyber incidents, the centrality of legal teams in an organisation’s cyber risk management strategy has continued to strengthen across all sectors.

It is important to understand how lawyers consider cyber security at an organisational level – what are the key risks, what are the key opportunities, and how are the executive and board performing? The HSF Kramer Cyber Risk Survey is unique. It specifically explores the perspectives of Australian legal leaders think on organisational cyber risk maturity and strategy. This makes it a valuable tool – not only to measure sentiment, but also to consider areas of strength and areas where improvement is required.

Over the past 12 months, a lot has changed. The world is in a state of geopolitical flux. Inevitably, this impacts the cyber threat environment.

While we may naturally look to areas of conflict, shifts in US politics have had global ramifications, with realignment of security priorities and funding cuts to the US Cybersecurity and Infrastructure Security Agency (CISA). We have seen key initiatives come to an end or put in abeyance. All the while, our adversaries appear to be investing more than ever before.

The domestic regulatory environment has also continued to evolve, with the passage of Australia’s Cyber Security Act 2024, updates to the Security of Critical Infrastructure Act 2018 (SOCI Act) coming into force, and Privacy Act 1988 (Privacy Act) reform still high on the Federal Government’s agenda. And technological advances have marched on, with increasingly sophisticated GenAI and agentic AI models ushering in new and concerning cyber risks. Teamed with economic uncertainty, increasing compliance and increasing supply chain complexity, it is undoubtedly a challenging environment for cyber security professionals.

This report addresses these issues and also provides unique insights from some of the country’s foremost cyber leaders from across the public and private sectors, as well as HSF Kramer’s cyber experts. It also provides a longitudinal view of the evolving attitudes, understanding and concerns of Australian lawyers in relation to organisational cyber risk management and strategy, which can help inform and improve these practices into the future.


Global expertise

See how our global Cyber team can help you

Cyber risk advisory

Key contacts

Stay in the know

Receive timely insights and briefings from HSF Kramer, tailored to keep you informed and ahead

Subscribe now
Sydney Australia Perth Brisbane Melbourne Cyber risk advisory Cyber Security Cameron Whittfield Peter Jones Carolyn Pugsley Anne Hoffmann Magdalena Blanch-de Wilt Heather Kelly Kaman Tsoi Christine Wong