Phillip Magness Special Counsel

Phillip is a cybersecurity, technology and privacy lawyer with  more than 20 years of combined experience in cyber law, cybercrime, digital forensics and cyber security.

He has advised some of Australia’s and the world’s largest companies (including technology giants) on data protection, cyber resilience, privacy, contractual and regulatory compliance, telecommunications law and technology-related transactions.

Phillip has a unique combination of legal, cyber, regulatory and investigative expertise. His experience includes 18 years as an Australian Federal Police officer (specialising in digital forensics and cybercrime), and as a Senior Manager in Markets Enforcement at ASIC. He was also an Adjunct Professor at Deakin University’s Centre for Cyber Security and Innovation.

Phillip is part of the firm’s Cybersecurity, Privacy & Technology practice, and also works with our Board Advisory & Governance team to help clients and their boards manage cyber risk. 


Recent deals

Various multi-national and ASX companies

Acted for various international and ASX listed companies in relation to significant data breach matters, including ransomware, nation-state and insider attacks. Assisted with incident response, drafting communications, law enforcement engagement, regulatory compliance and engagement, breached data review, board advisory, and managing third-party claims.

Information Commissioner investigations

Privacy counsel for three Australian companies subject to Commissioner Initiated Investigations.

Various multi-nationals

Assisted various national and multi-national clients with the development of cyber and privacy frameworks, management and board-level incident response plans, cyber due diligence, contractual review, and cyber education and training.

Cyber simulation exercises

Developed and delivered multiple cyber simulation exercises for crisis management teams and boards in the energy, health, mining, retail, financial and hospitality sectors. This included facilitating a cyber exercise for a multi-national hospitality provider in Singapore.

Critical infrastructure sector

Trusted adviser to clients bound by critical infrastructure regulation, including advising on regulatory compliance and risk management planning. This included clients in the energy, transport, food and grocery, education and health sectors as well as one of the big Four Australian Banks.

ASIC v RI advice

Led ASIC’s litigation against RI Advice Group Pty Ltd. The proceedings involved a financial service licensee’s obligation to implement adequate cybersecurity and cyber resilience risk management controls.


Career & qualifications


  • Master of Laws (Juris Doctor), Monash University
  • Master of Information Systems Security, Charles Sturt University
  • Graduate Diploma of Legal Practice, The College of Law
  • Graduate Diploma of Computing, Monash University
  • Diploma of Policing, Australian Federal Police College
  • Bachelor of Arts (Police Studies), Monash University
  • Bachelor of Arts, Monash University

Memberships and associations

  • Certified Industry Systems Security Professional (CISSP) with the International Information System Security Certification Consortium
  • A+, Network+ and Security+ certifications with the Computing Technology Industry Association