SoteriaSec
  • Home
  • About
  • Services
    • Incident Response and Breach Investigations
    • Cloud Incident Response and Digital Forensics
    • Breach & Compromise Assessments
    • Expert Witness Services
    • Security Operations
    • Internal Digital Forensics Investigations
    • DFIR Training
  • Contact
  • Home
  • About
  • Services
    Incident Response and Breach Investigations Cloud Incident Response and Digital Forensics Breach & Compromise Assessments Expert Witness Services Security Operations Internal Digital Forensics Investigations DFIR Training
  • Contact

Expert Witness Services

Expert Witness Services
Circle Shape 1
Circle Shape 1

SoteriaSec provides independent cybersecurity Expert Witness services to law firms, barristers, insurers, and regulators across Australia and Singapore. Our experts have given evidence in Federal and District Courts in both civil and criminal jurisdictions and have served as independent technical Expert Witnesses in landmark regulatory proceedings invovling the Office of the Australian Information Commissioner (OAIC).

We operate as both independent Expert Witnesses — where our duty is to the Court; and as Consulting Experts, providing technical strategy and analysis to legal teams behind the scenes. Both roles draw on the same depth of experience in digital forensics, incident response, and cybersecurity operations.


Court-Compliant Reports

Prepared in accordance with GPN-EXPT and applicable Uniform Civil Procedure Rules across NSW, SA, and Qld.

Federal and District Court Experience

Oral evidence and written reports for civil and criminal proceedings across Australian jurisdictions.

OAIC Enforcement Experience

Retained as the independent technical Expert Witness in the OAIC’s enforcement action against Australian Clinical Labs.

Independent and Consulting Roles

We operate in both disclosed and undisclosed expert capacities, depending on the needs of your matter.

20+ Years in Cybersecurity

Our experts bring practitioner depth in DFIR, cloud forensics, and security operations — not just report-writing experience.

Cross-Examination Ready

Our experts give clear, consistent evidence under pressure. We prepare thoroughly, and we do not overstate our findings.


Independent Expert Witness

When a matter proceeds to litigation, an independent Expert Witness must assist the Court impartially, regardless of who has retained them. SoteriaSec’s experts understand this obligation and take it seriously. Our reports and testimony are grounded in defensible methodology, real-world experience from our Experts, and clear reasoning that holds up under cross-examination.

We have prepared expert reports and provided oral evidence in proceedings governed by:

  • The Federal Court’s Expert Evidence Practice Note (GPN-EXPT)
  • Uniform Civil Procedure Rules 2005 (NSW)
  • Uniform Civil Rules 2020 (SA)
  • Uniform Civil Procedure Rules 1999 (Qld)

Our independence is not a marketing claim. It is a professional obligation, and one we have demonstrated in proceedings where our findings did not favour the retaining party.


Consulting Expert

Not every matter requires expert evidence to be disclosed. A Consulting Expert works directly with the legal team to assess the technical merits of a case, identify weaknesses in opposing expert reports, and develop a technical strategy, without being disclosed to the other side.

SoteriaSec provides consulting expert services to law firms and barristers at any stage of a matter, from early case assessment through to trial preparation. We can transition to an independent Expert Witness role where appropriate and where conflicts allow.


Proven at the Highest Level

SoteriaSec was the independent cybersecurity technical Expert Witness retained by the Office of the Australian Information Commissioner (OAIC) in its case against Australian Clinical Labs (ACL) following ACL’s February 2022 data breach, one of the most significant privacy enforcement actions brought by the OAIC under the Privacy Act 1988 (Cth). This engagement required technical analysis of breach causation, security adequacy, and regulatory compliance at the level required for Federal Court proceedings.

We have provided Expert Witness services for Federal and District Courts in Australia across both civil and criminal jurisdictions.


What We Cover

Cybersecurity litigation rarely involves a single technical issue. Our experts have provided opinions and testimony across:

  • Data breach causation and timeline reconstruction — establishing how and when a breach occurred, what data was affected, and what controls failed
  • Security adequacy and standard of care — whether an organisation’s security posture met the standard expected given their size, sector, and threat environment
  • Regulatory compliance — whether an organisation met obligations under the Privacy Act 1988 (Cth), the Notifiable Data Breaches scheme, or applicable industry standards
  • Digital evidence integrity — chain of custody, forensic soundness, and the reliability of evidence presented by other parties
  • Incident response conduct — whether the response to a breach was appropriate and timely
  • Rebuttal of opposing expert reports — identifying methodological flaws, unsupported conclusions, and technical errors in reports prepared by the opposing party
  • Cyber insurance disputes — causation, business interruption, and scope of loss in cyber insurance claims
  • IT and cyber vendor disputes — technical assessment of whether a vendor’s product or service met contractual specifications, performed as represented, or contributed to a security failure; includes review of service level agreements, security obligations, and incident response conduct by third-party providers
  • Employee and employer disputes — forensic analysis of device activity, data exfiltration, access logs, and communications to support or defend claims involving unauthorised data removal, breach of confidentiality obligations, misuse of company systems, or contested terminations with a digital evidence dimension

Reports Built for Court

A technically accurate report that a judge cannot follow is not useful. SoteriaSec’s expert reports are written to translate complex technical findings into clear, structured analysis that legal professionals and the Court can work with directly.

Every report we produce is prepared in accordance with the applicable court rules and practice notes, includes a compliant expert witness declaration, and documents the methodology underpinning every finding. We do not rely on unexplained technical assertions; we show our reasoning.


Who We Work With

SoteriaSec works directly with:

  • Law firms conducting privacy, employment, commercial, criminal, and insurance litigation with a cybersecurity dimension
  • Barristers requiring independent technical support or a briefed expert for trial
  • Insurers and underwriters assessing the technical merits of cyber claims and disputes
  • Regulators and government bodies requiring independent cybersecurity expertise for enforcement matters
  • In-house and internal legal counsel requiring independent technical expertise to support regulatory responses, internal investigations, or litigation where an external cybersecurity expert is needed to maintain the appearance and substance of independence from the organisation’s own security team

We are experienced in operating under solicitor-client privilege and legal professional privilege frameworks, and we understand the practical constraints of litigation timelines.


Engage SoteriaSec

Early engagement produces better outcomes. The sooner we can assess the technical issues in a matter, the better placed we are to provide a meaningful opinion, whether that is identifying a critical weakness in an opposing expert’s methodology, or confirming that a case has the technical foundation to proceed.

Contact us to discuss your matter confidentially.

We use cookies to enhance your experience on our website. By clicking ‘Accept’, you agree to our use of cookies.I Accept
SoteriaSec

Empowering organisations to build resilience against evolving threats, SoteriaSec delivers expert Digital Forensics and Incident Response services. With specialised knowledge in cloud security for Microsoft 365, AWS, Azure, Google Workspace, and Google Cloud, we ensure you thrive in a complex threat environment.

  • Home
  • About
  • Contact
  • Privacy Policy
  • Terms & Conditions

Copyright by SoteriaSec Pte Ltd | 2026