Cameron Whittfield
Cameron is a market leading technology lawyer specialising in cyber security, information security and emerging technologies.
Cameron is one of Australia’s most respected cyber incident response lawyers. He leads Australia’s only truly dedicated cyber security legal practice, the ability to scale a team of some 80 plus specialists, including in relation to data forensic reviews.
He works extensively for clients throughout the region advising on cyber security, information security, data protection, emerging technologies, digital platforms, technology and telecommunications reform and other technology-related transactions and legal issues.
Cameron has significant experience advising corporates on the preparation and response to major cyber security incidents. He has worked on hundreds of material cyber incidents, advising on complex extortion negotiations and regulatory investigations.
He has been the lead advisor in relation to many of Australia's most complex and contentious cyber-attacks, overseeing all aspects of the response including forensic reviews, incident recovery, root cause analysis, threat actor negotiations, regulator/ regulatory engagement and investigations, stakeholder management, contractual matters and cyber insurance.
He also helps executive teams and boards navigate and understand governance responsibilities associated with cyber security resilience, the impact of cyber reforms, crisis response and the implications of technology on traditional (and emerging) legal principles and business models.
Cameron has particular expertise in advising boards on their governance responsibilities before, during and after a cyber incident.
Cameron has complimentary expertise in related fields including technology M&A, technology reform and regulation and technology sourcing and transformation. He also has extensive experience dealing with bespoke and complex commercial arrangements, but is currently dedicated to cyber related matters.
Cameron has worked throughout the world, included for extended periods based in the UK (London), the US (Houston), France (Paris) and SE Asia (Hong Kong / Singapore).
Prior to re-joining HSF, Cameron led a cyber security advisory team of some 300+ cyber specialists. He also founded the Melbourne office of Gilbert+ Tobin and was the global TMT and cyber security legal leader for a global professional services firm.
In 2019, Cameron was awarded 'Technology Law Partner of the Year' at the annual Lawyers Weekly Australian legal partner awards, and has been listed in Australian Best Lawyers for corporate, commercial, telecommunications and IT law every year since 2016.
Cameron coordinates and teaches 'Emerging Technology Law' at Melbourne Law School, a course designed to provide law graduates with a breadth of knowledge across various technology areas, ranging from digital platform businesses, technology sourcing and cloud computing, cyber security and data protection, blockchain technologies and artificial intelligence.
Background
Cameron studied at the University of Victoria, Wellington (LLB) and FINSIA (Cert of Applied Finance). He also completed Law Firm Leadership Executive Training at Harvard Law School.
Cameron is an Honorary Senior Fellow at the University of Melbourne, a lecturer & subject coordinator for the 'Emerging Technology Law' course at Melbourne Law School, where he is on the Advisory Council.
Cameron has worked extensively throughout the world over the last 25 years and is qualified in England & Wales, Australia and New Zealand.
Experience & expertise
Selected matters
- Cameron has advised on 100 plus material cyber incidents, including as lead adviser on some of the region’s most significant cyberattacks
- advising numerous companies and their boards, both listed and unlisted, within Australia and across SE Asia, on cyber resilience, cyber maturity, 3rd party risk management, specific incident response, ransomware and cyber extortion playbooks, crisis management, extortion payment decisions, threat intelligence, director duties and cyber simulations
- extensive experience dealing with regulatory reform and data protection laws, including the Privacy Act, GDPR, Security of Critical Infrastructure reforms, notifiable data breach regimes (throughout the region and the EU), CPS234/232/230 and ASX disclosure/ trading halt decisions
- assisting clients with regulatory and Government agency engagement, including with the ACSC, OAIC, APRA, ASIC, PDPC (Singapore), PCPD (Hong Kong), AFP, State-based cyber-crime enforcement and the Cyber and Infrastructure Security Centre
- advising on various emerging technology transactions, including as lead legal adviser for a global Al ethical framework and blockchain enabled supply chain initiatives
- drafting and negotiating technology sourcing agreements and managing disputes associated with technology sourcing, including acting in transactions involving the world's largest technology companies
- advising on M&A transactions in the technology and telecommunications space, including advising on strategic restructuring, demergers and private company M&A.
- advising regulators and Governments on telecommunications liberalisation processes and technology reform, both in Australia and throughout the world, including as adviser to Telstra on its wholesale arrangements and the roll out of the national broadband network