• SP
Choose your location?
  • Global Global
  • Australian flag Australia
  • French flag France
  • German flag Germany
  • Irish flag Ireland
  • Italian flag Italy
  • Polish flag Poland
  • Qatar flag Qatar
  • Spanish flag Spain
  • UAE flag UAE
  • UK flag UK

Data Protection and Cyber Security

DWF’s legal and multi-disciplinary professional services business provides clients with global support on critical issues in Data Protection and Cyber Security. Our team includes legal advisers, management consultants, risk professionals, technologists and auditors, who combine to provide truly holistic, end-to-end solutions.

DP and cyber careers feature banner hero
Tax data on laptop careers feature banner hero
Business data careers feature banner hero
Sign up to receive our communications
Complete our form to get key insights on all the topics that interest you, straight to your inbox.

Why work with our Data Protection and Cyber Security team?

COVID-19 has provided us with a stark and sharp reminder that operational and legal resilience must be prioritised within all of our organisations, so that we can withstand shocks and sustain our success. DWF are focused on helping clients to deliver meaningful, high-quality operational outcomes for Data Protection and Cyber Security, not 'ivory tower' legal advice or 'compliance for compliance sake'. We do this by helping our clients to focus on the things that matter the most, providing them assistance with:


Related services

Explore our services

  • Breaches & Incident Response
    0006 Webinar 585x485px

    Breaches & Incident Response

    Every organisation is at risk from personal data and cyber security breaches. From large scale cyberattacks to the loss of paper records, the range and scale of the threat to data security and business resilience is diverse. 
  • Data & Cyber Disputes
    0738 Presenting at meeting PPT Wide

    Data & Cyber Disputes

    Data Protection & Cyber Security problems create fertile ground for large scale litigation and also low value, high volume individual claims. Our experience in these areas is unique. 
  • Data, Cyber Risk & Compliance
    Tax data on laptop tab image

    Data, Cyber Risk & Compliance

    Our multi-disciplinary team members have worked on some of the biggest Data Protection and Cyber Security transformation programmes and risk management projects in the market, including for GDPR compliance, to enable radical new business processes and to help remedy the worst cases of operational failure.
  • Extend & Accelerate
    DP and cyber tab image

    Extend & Accelerate

    We know data protection teams are facing challenges to do more with less under increasing pressure – read here about our innovative solution which provides you with high quality support at a low cost.

What does a good approach to Data Protection & Cyber Security look like?

Having the right approaches for gain and loss situations

Data Protection & Cyber Security issues arise in business in two broad situations: for gain, or for loss. In gain situations, organisations are seeking to drive benefits from the use of data and the digital environment, while in loss situations they are either prevented from using data and the digital environment, or their use is having negative effects, including through a lack of resilience. The best approach to an issue can differ radically depending on whether it’s a gain or a loss situation.

We always seek to understand the underlying context when designing and delivering our support to clients, to maximise the value and impact of what we do, and we believe in taking a balanced approach

Our mind-set is that data processing and technological developments have enriched the world in countless ways, serving humankind, freedoms, economic growth and prosperity and in gain situations we support our clients to achieve their business purposes and legitimate interests, helping them to innovate and grow, in balance with their obligations and mindful of the rights of others. In difficult situations, we bring a calm and ordered approach, helping to defuse and de-escalate problems and reduce loss, harm and damage. Our support extends to helping clients to better communicate their aims and objectives, including through constructive engagement and dialogue with regulators and special interest groups.

Understanding your special characteristics

No two organisations are the same. What makes them different are their special characteristics, which are their unique operating and environment features.

The special characteristics include the organisation's business sector; geographical location; legal and administrative structures; business operations, model and plan; culture and ethics; risk profile and appetite; prior legal and regulatory track record; and its resources. Achieving quality outcomes for Data Protection & Cyber Security, such as effective risk management, resilience and compliance, is always dependent upon understanding the impact of the special characteristics for data handling and the digital environment.

Achieving your goals on the things that matter the most

Although the law provides a baseline of outcomes that responsible organisations must achieve, their ambitions for data and the digital environment will extend much further than legal compliance. Delivering business purpose, achieving economic targets, acting ethically and maintaining the trust and confidence of stakeholders and investors are just as important in the setting of data and digital goals.

We always recommend taking a broad and holistic approach when determining goals and priorities and we can help you through the process of identifying and refining them.

Being situationally aware

Organisations need to be situationally aware in order to be truly confident that major issues of concern are properly understood and addressed.

We track developments internationally, across industry sectors and in the legal system and maintain engagement with the wider community of stakeholders who are invested in the achievement of good outcomes, such as privacy activists, worker representatives and consumer champions. We always feed-in these insights into our client engagements, providing benchmarks against which our clients can compare themselves and track their performance.

Addressing the technology and data layer

At the epicentre of the digital world and cyberspace are technology and data themselves. In order to deliver quality outcomes for Data Protection & Cyber Security, organisations must address the technology and data layers of their businesses and their supply chains. Governance models and paperwork by themselves are not enough.

Technical acuity and affinity are at the heart of everything we do. We have strong relationships with technology and data experts, including leaders in PrivacyTech, SecurityTech and AI, so that we can pinpoint the state of technological development to help guide clients on their tech and data strategies. Through our work helping clients handle incidents and operational failures we have acquired deep understanding of the types of quality gaps in the tech and data layer that can cause serious business interruption, reputational damage and legal consequences.

Resilience and withstanding challenge and adverse scrutiny

The worlds of Data Protection & Cyber Security are ones where an organisation's positions can be tested regularly by challenge and adverse scrutiny. These tests can occur on a planned or unplanned basis, for benign and malign reasons, through both internal and external channels. Benign, planned, internal testing can include the monitoring of controls by Internal Auditors and others performing risk management and due diligence functions. Malign and unplanned testing often arises from external forces, such as cyber criminals. Others operating along the spectrum of challenge and adverse scrutiny include disgruntled workers, whistleblowers, regulators, shareholder activists, upset customers, compensation claimants and the press and media.

We have broad understanding of the causes and dynamics of challenge and adverse scrutiny. We can help clients plan and prepare for testing situations and guide their responses in live situations, right through to representing their interests in the highest courts in the land.

Acting ethically and doing the right thing

The law tells organisations what they can do and what they cannot do, but it rarely answers the question 'what is the right thing to do?'.

Many aspects of the use of new technologies and data processing techniques pose ethical dilemmas, with examples including profiling, tracking, automated decision-taking and data sale and monetisation. Our holistic approach to the issues supports the development of data ethics visions and strategies and through processes of ethical stress testing and challenge an organisation can gain a better sense of confidence in its positions.

Latest Insights


Meet key members of our team

View our full Data Protection team

Get in touch today

Get in touch with a member of our team by using the details below or completing the form.
T +44 333 320 2220
+44 333 320 4440