Ransomware demands immediate, coordinated legal and technical action. As lead incident response counsel, we establish and protect legal privilege from the outset, define scope and terms of reference, and direct forensic investigation, containment and scoping to deliver decision grade findings at speed. We mobilise within hours, align forensics, insurer reporting, and regulatory notifications, and maintain a defensible decision log from day one.  We advise boards and executives on threat-actor engagement, the legality and prudence of payments, and the preservation of director and officer protections. We align action across forensics, legal notifications, insurance reporting, communications and impacted data review, maintaining a detailed decision log capable of withstanding regulatory investigation and follow on litigation.

We manage multi jurisdictional breach notification where personal information is involved, assessing triggers across jurisdictions and advising on sector specific requirements. We prepare regulator ready filings, draft FAQs and response materials for inbound stakeholder queries, and oversee e discovery providers conducting large scale data reviews under privilege to avoid duplication and protect confidentiality. Throughout, we coordinate insurers, brokers and specialist vendors under legal privilege to streamline claims and remediation, manage litigation risk and maintain a single, consistent narrative across local, African and foreign authorities.  We have experience in managing complex incidents spanning multiple African countries, including Botswana, Côte d'Ivoire, Egypt, eSwatini, Ghana, Kenya, Mauritius, Mozambique, Namibia, Nigeria, Rwanda, and Zambia. 

Our integrated model is trusted by CISOs for speed and technical depth, and by boards and general counsel for regulatory credibility and clarity. 

More Services