Ross Phillipson

Partner
Perth

Biography

Ross is a partner in our Technology and Digital group.

Ross is a partner in our Technology and Digital group.

He brings nearly two decades of internationally built experience across cyber security, privacy and critical infrastructure, developed through senior roles at top-tier law firms in Europe and the Asia-Pacific.

Ross is one of the few Australian lawyers with deep, end-to-end expertise spanning cyber security and privacy governance, large-scale incident response, operational technology security, critical infrastructure regulation, operational resilience and artificial intelligence governance.

His approach is distinctly commercial and implementation-focused, supporting clients both at moments of strategic decision-making and during high-pressure crisis events.

Ross is widely recognised for delivering highly pragmatic, operationally grounded advice trusted by boards, executives and major corporates. He regularly advises on complex cyber incidents, privacy breaches, SOCI compliance programs and technology risk, and has trained and advised boards and senior leadership teams at large organisations.

Experience

Ross’ experience includes advising:

  • A large Australian resources company on cyber security governance and incident management in relation to emerging risks from operational technology risk.

  • An international financial services and technology provider on CPS230 (Operational Resilience) and critical infrastructure laws.

  • A major Australian headquartered international resources company on its global privacy program, including multi-country compliance gap analyses and uplift, privacy program design and policy suite review and uplift.

  • An international infrastructure and renewable energy business on its critical infrastructure, cyber security and privacy compliance programs, including designing risk management policies and process frameworks.

  • A major resources company on end-to-end management of two significant data breaches, including privileged data analysis, advice on notification obligations, strategic advice in relation to immediate rectification activities to prevent further harm, review and advice in relation to root cause and remediation and regulator communication.

  • A healthcare services company on a complex data breach incident and associated regulatory, contractual and risk management responses.

  • An international resources company on its end-to-end cyber security governance and risk management program, including design, implementation, board training and briefings and strategic review.

  • A private equity firm on diligence and risk management approaches in-deal where the target company suffered a significant cyber security incident during the deal process, and appropriate contractual and post-closing activities to manage and mitigate follow-on risk.

  • An international information services provider on cyber security, DISP, SOCI and privacy risk on an inward investment into an Australian target company.

  • Settlement Services International on its data protection and privacy compliance obligations.

Awards and Recognition

  • The Best Lawyers in Australia 2027

    Recognised for Privacy and Data Security Law

Testimonials

Client first thinking

Approachable, has global experience, is responsive to our needs, provides flexibility to meet our timeframes, and is a very engaging personality who is supportive and understanding.

The Legal 500 Asia-Pacific
Related insights

Insights featuring Ross