Careers
Created with

Ransoms to regulators: My life as a cyber security lawyer

By on

Ahead of next week’s virtual student event, Clyde & Co legal director Seaton Gordon considers some of the current issues at play for cyber lawyers and why those seeking to follow in his footsteps need to be good at spinning plates

Seaton Gordon, legal director in Clyde & Co’s cyber team

The nexus between technology and business continues to evolve, and with it comes “hackers, crime and crisis” says Seaton Gordon, legal director in Clyde & Co’s London cyber team.

Gordon began his legal career as a trainee in 2007, qualifying into the general litigation practice of a City law firm. But it wasn’t until he reached junior associate level that his head was turned by cyber law.

Educating himself in the cyber market, Gordon begun by attending conferences, reading and then writing articles, and getting to know people working in the field. This was followed by a switch of firms, and then more recently a move to Clyde & Co, where Gordon’s work is now “100% cyber”, with a focus on responding to international data breaches.

His day-to-day involves helping clients respond to being hacked, encompassing everything from “dealing with regulators, notifying affected individuals, reacting to adverse media, supporting the negotiations with hackers and paying ransoms if appropriate”.

Reflecting on what prompted the switch to cyber, Gordon points to the complex stories behind every breach and the dynamic, real-world nature of working in this area of law. This is no surprise given that his work is a direct result of the cyber space being an “extraordinarily rich environment for criminals to play around in”, he tells us.

When quizzed on the effect of the pandemic on the cyber industry, Gordon notes that whilst he is busier now, Covid-19 has not made as much of an impact as you might think. “People were working in the office and businesses were getting breached, and now they are working from home and still getting breached,” he explains. The requirements to protect systems and personal data existed pre-Covid.

Still, Gordon acknowledges that businesses with a more traditional pre-pandemic office set-up, where working from home was minimal or non-existent, are on a sharp learning curve as they look to embrace more flexible methods of working on a long-term basis.

Find out more about training at Clyde & Co

So, if the pandemic has failed to make significant waves in the cyber industry, what will?

High up on the list is the impact of Brexit and whether it will drive changes to data protection legislation, Gordon says. Expanding on this, he outlines that if the UK and Europe’s currently aligned data protection strategy were to shift, then this would fundamentally alter the legal and regulatory frameworks that cyber lawyers currently navigate.

Another potential hurdle, Gordon suggests, is emerging litigation poised to shape the approach lawyers take following a data breach. He cites the imminent UK Supreme Court decision in Lloyd v Google, which will address the extent to which an individual is entitled to remuneration for a company losing control of their information. Gordon warns that such rulings will undoubtedly alter the cyber law landscape.

Talking about the qualities future cyber lawyers need to thrive in this fast-moving practice area, Gordon suggests that an ability “to keep multiple plates spinning” is key. Some of these ‘plates’ will be legally related questions, he notes, but they might also include supporting a client’s PR and IT teams, advising the board or even responding to an adverse newspaper article. Equally important, therefore, is a willingness to get stuck in and an ability to communicate effectively as part of a team.

Understanding the technological pressures that a business is under is beneficial too, Gordon explains, because then you know the questions to ask when a data breach occurs. But this does not mean you need to be a computer whizz. With an English degree from Cambridge University, Gordon is “living proof” of this.

Advising students who are drawn to a career as a cyber lawyer, Gordon encourages individuals to build their network early and make their ambitions clear. As a relatively new area of law, cyber teams are constantly looking for more people, Gordon tells us. So, those with curiosity and enthusiasm “will be welcomed with open arms”.

Seaton Gordon will be speaking alongside other lawyers from Clyde & Co at ‘Cyber security, data and digital risk — with Clyde & Co’, a virtual student event taking place next week, on Thursday 2 September. You can apply to attend the event, which is free, now.

Find out more about training at Clyde & Co

About Legal Cheek Careers posts.

Related Stories