About This Webinar
This interactive webinar immerses legal professionals in a real-time ransomware attack simulation on an Australian law firm. Participants experience the first 72 hours of a cyber breach, make critical decisions at each stage, and assess their own firm's incident response readiness using the Cyooda Security Colour Code Method™.
Summary
Cyber attacks on Australian law firms are increasing in frequency and severity. In FY2024–25, ASD responded to over 1,200 cyber security incidents, OAIC data breach notifications hit an all-time high, and legal services consistently ranked among the top five sectors reporting breaches. Since 30 May 2025, Australian businesses with turnover exceeding $3 million have been subject to mandatory ransomware payment reporting under the Cyber Security Act 2024 — a requirement that captures most mid-to-large law firms.
Despite this, many firms have never tested their response to a cyber incident and lack clarity on who makes decisions, what regulatory obligations are triggered, or whether their backups and incident response plans would hold up under pressure.
This 60-minute interactive webinar addresses that gap directly. Delivered live via Zoom by John Reeman — former CISO of King & Wood Mallesons (26 countries) and current CEO of Cyooda Security — the session places participants inside a realistic, scenario-based ransomware attack on a 200+ person Australian law firm with offices in Sydney, Melbourne, Brisbane and Newcastle.
The scenario unfolds progressively across 72 hours, covering crisis management and initial response, internal and external communications including media enquiries, digital forensics and evidence collection, network containment and remediation, business continuity challenges including frozen trust funds and missed court deadlines, regulatory notification obligations (OAIC, Law Society, ASD mandatory ransomware reporting), and the difficult decision of whether to pay the ransom.
At each critical decision point, participants are engaged through Zoom polls and group discussion that ask what they would do, who makes the call at their firm, and whether they have tested their response.
The session concludes with a structured self-assessment exercise using the proprietary Cyooda Security Colour Code Method™. Participants score their own firm across seven incident response domains — crisis management team, communications and legal framework, incident response plan, evidence collection and forensics, business continuity and recovery, network and endpoint containment, and backup and disaster recovery — using a colour-coded rating system (Green = fully prepared and tested, Amber = defined but not tested, Red = nothing in place or ad hoc). Scores are totalled and interpreted against benchmarks, giving each participant a personal readiness snapshot and clear identification of priority gaps.
The webinar is designed for legal professionals at all levels of cybersecurity knowledge, with particular relevance for managing partners, practice group leaders, IT decision-makers, risk and compliance officers, and practice managers within Australian law firms.
Participants receive a post-session materials pack including the slide deck, a standalone Colour Code Method™ self-assessment scorecard, a one-page action plan with regulatory reminders, and a CPD evaluation form. A certificate of attendance confirming 1 CPD hour is issued to all participants.