Cyber response

Our specialist cyber response team are here to help you proactively both before and after a cyber breach.

We know the terrible fallout which an organisation can suffer from a cyber breach, including:

  • The risks of multi-million-pound fines under the UK GDPR
  • Claims from affected individuals
  • Claims from third party organisations
  • Reputational damage
  • Business disruption

Let our specialist cyber response team help you proactively before a cyber breach occurs, by drawing upon our UK GDPR and technology law specialist knowledge, including our expertise from helping some of the largest global organisations. As part of this service, we will help mitigate against legal risk exposure associated with cyber breaches.

If a cyber breach occurs, our cyber response team can also help assess and assist with any UK GDPR regulatory notifications to the ICO and to affected individuals. We can also help with taking legal action and defending against claims.

We can also put you in touch with specialist technical and forensic teams to mitigate against technical cyber risks.

Our lawyers

Our cyber response service is headed by our UK market leading technology lawyer, Jagvinder Singh Kang (CIPP/E, CIPM, CIPT, FIP) who is also a qualified software engineer. Jagvinder and our national team of specialist cyber lawyers have extensive experience in helping the full range of organisations on cyber matters.

Our experience

Cyber requires:

  • an understanding of the underlying technology issues, where your CIO or in-house IT team can speak the ‘same language’ with us to quickly convey the cyber breach issues – no problem there, as the head of our cyber response offering is also a qualified software engineer (with a First Class BSc (Hons) degree in Computer Science and Software Engineering)
  • an in-depth understanding of the UK GDPR, so that your DPO or in-house privacy leads can convey information to allow us to make a quick assessment, especially considering the critical 72 hour time period for notifiable regulatory breaches – again, you are in safe hands with us, as the head of our cyber response offering is a specialist UK GDPR lawyer with the internationally recognised specialist data protection qualifications (CIPP/E, CIPM, CIPT, FIP)
  • a specialist and holistic approach, which blends practical expertise across a range of legal disciplines in the context of cyber - our cyber response team is well positioned to offer this, including:
    • UK GDPR compliance (including ICO and data subject notification assessments)
    • Litigation
    • Employment law
    • Stock Exchange regulatory notifications
    • Charity Commission and industry regulatory notifications
    • Insurance law

Examples of our expertise, include:

  • Assisted a nuclear company in respect of a cyber breach, including liaising with the FBI and UK law enforcement
  • Successfully completed ICO notifications in respect of cyber breaches, without subsequent fines or enforcement action being taken against our clients
  • Implemented legal mitigation measures for a global crypto-exchange to guard against the risks of a cyber breach
  • Advised a global automotive company with pro-active legal measures to guard against cyber liability risks in respect of its worldwide connected car programme
  • Advised clients in the charity and not-for-profit sectors in respect of phishing attacks - including ICO, Charity Commission and data subject notifications

Our clients

We advise the full range of clients from innovative start-ups to the largest organisations globally. We also operate across all industry sectors.

Did you know?

Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R


Register for My M&R to stay up-to-date with legal news and events, create brochures and bookmark pages.

Existing clients

Log in to your client extranet for free matter information, know-how and documents.


Mills & Reeve system for employees.