Welcome to the thirty seventh blog post for The Lawyer Files.
Thank you, as always, for subscribing and following the journeys of legal changemakers. Each edition brings you honest reflections, practical insights and powerful stories from individuals shaping the future of law with purpose, curiosity and innovation.
✨ In this edition, we feature Koye Adeyeye, a U.K.-qualified solicitor specialising in Cyber Incident Response and Professional Indemnity at DAC Beachcroft LLP, and currently a Litigation Counsel Secondee at Lockton.
Koye’s career sits at the intersection of law, technology and crisis management. His work involves guiding organisations through some of their most high pressure moments, from containing cyber breaches and coordinating forensic investigations to advising on regulatory engagement and notification obligations under the UK GDPR. What makes his journey particularly compelling is the way he combines legal expertise with a deep understanding of cybersecurity and fintech.
Alongside his legal practice, Koye has developed specialist knowledge in financial technology, recently completing the Oxford Fintech Programme at Saïd Business School with an impressive result. This experience has shaped the way he advises clients, allowing him to translate complex technical issues into clear, commercially grounded legal advice at a time when innovation is moving faster than regulation.
In this conversation, Koye reflects on how an early interest in threat intelligence and crisis driven work led him into cyber law, why real time incident response gives him a strong sense of purpose, and the importance of understanding the client beyond the black letter law. He also shares valuable insight into training contracts, secondments, and how in house exposure can fundamentally change the way solicitors approach their work.
If you are curious about cybersecurity law, interested in the future of fintech, or navigating your own path through commercial legal practice, Koye’s story offers clarity, depth and practical inspiration.
Let’s dive in 💡
- Your career has centred on cyber incident response. What first sparked your interest in cybersecurity and what keeps you passionate about this area of law?
It’s funny because when I was a in school, I was obsessed with crime series and always fancied myself working in MI5 or doing something in threat intelligence. Eventually, I realised that law offered a clearer, more accessible path for me, and I assumed I’d end up as a traditional litigation lawyer…until I stumbled into cyber.
What really hooked me about cyber incident response is the crisis-driven nature of the work. You’re guiding clients through genuine crisis situations in real time, helping them respond to a threat actor who is actively trying to extort them – often by leaking their data on the dark web. It’s fast-paced, a lot of the time frantic, but incredibly rewarding. The sense of purpose you get from helping a company navigate a high-pressure incident and come out from the other side with a good outcome is honestly, for me, unmatched. That’s what keeps me passionate about it.
- You have experience containing breaches, coordinating forensic investigations, and engaging with regulators under the UK GDPR. Which part of the incident response process do you find most challenging and what skills are essential for handling it effectively?
I’d say all parts of the process are complex for their own reasons but for me, the most challenging aspect is assessing whether a breach triggers the threshold to notify affected individuals. Under the UK GDPR, organisations must notify individuals where the breach is likely to result in a high risk to their rights and freedoms. The difficulty is that “high risk” isn’t defined, so much of the assessment relies on legal interpretation, context, and the client’s own risk appetite (for not notifying).
What makes it challenging is that the same type of personal data can create very different levels of risk depending on the organisation involved. For example, if a threat actor encrypts customer data from a real estate agent, the impact may be low because the business can simply request that information again. But if identical data is encrypted at a hospital, it could lead to cancelled appointments or delayed operations, which is clearly a high risk.
You need strong analytical skills, the ability to think beyond rigid checklists, and a good level of commercial awareness. Understanding the nature of your client’s business, the sensitivity of the data involved, and the real-world consequences for individuals is essential. It’s a balance of legal judgement, risk assessment, and practical thinking.
- Alongside your legal practice, you’ve developed specialist knowledge in cybersecurity and fintech. How do you see the intersection of these two sectors evolving and what should future lawyers be preparing for?
Cybersecurity and fintech are becoming increasingly interconnected, and I think that overlap is only going to deepen. Modern financial services rely heavily on digital infrastructure – open banking, AI-driven tools, cloud-hosted platforms, and real-time payment systems, all of which expand the attack surface for threat actors. My specialist knowledge in fintech and my more technical understanding of cybersecurity really highlighted how innovation in finance is moving faster than regulation, and that creates a lot of opportunities but also a lot of risks.
For future lawyers, I think the key is developing a blend of legal, technical, and commercial awareness. You won’t need to have strong technical knowledge, but you may need to understand how technologies like APIs, machine learning and cloud architecture actually work in practice because they shape the risks our clients face. Being able to translate complex technical issues into clear legal advice will be a huge differentiator.
- Your progression from trainee solicitor to solicitor and now secondee litigation counsel at Lockton is impressive. What experiences or lessons during your training contract shaped you the most?
Thank you! I had a fantastic training contract and gained exposure to a wide range of sectors, but the biggest lesson I’ve carried forward, especially since qualifying and during my secondment – is the importance of understanding the client beyond the legal issues.
Having strong technical knowledge of legislation and case law is essential, but what really makes a great lawyer is the ability to pair that knowledge with commercial awareness. No two clients are the same; their risk appetite, priorities and internal pressures differ. Working in-house at Lockton has really highlighted how much clients value advice that reflects their business realities, not just the black-letter law.
Seeing things from the client’s side has shaped the way I work. It’s taught me to think more strategically, to tailor my advice more carefully, and to approach matters with a much stronger appreciation of the commercial context behind every instruction.
- You completed the Oxford Fintech Programme at Saïd Business School and achieved 87 percent. How has this programme influenced the way you approach your work in cyber and financial lines litigation?
I’d definitely say that studying the course was a lot more influential to my cyber expertise than my work in financial lines. The course itself was more focused on fintech than cybersecurity but it did definitely help me better understand why certain vulnerabilities exist, how threat actors exploit financial systems, and what operational risks clients are exposed to as they adopt new technologies. It means I can give advice that isn’t just legally accurate but grounded on how technology works, when advising fintech clients.
Koye Adeyeye – https://www.linkedin.com/in/koye-adeyeye/
Solicitor (Cyber Incident Response/Professional Indemnity) at DAC Beachcroft LLP
I hope Koye’s journey has inspired you, especially if you are curious about cybersecurity law, navigating high pressure legal environments or exploring how law and technology intersect in real world crisis situations.
His story is a reminder that legal careers can be shaped by curiosity, adaptability and the confidence to step into fast moving, technical spaces that may feel unfamiliar at first. From an early interest in threat intelligence to guiding organisations through live cyber incidents, Koye shows how purpose, problem solving and calm judgement can define a meaningful modern legal career.
Through his reflections on cyber incident response, fintech innovation and in house secondment experience, he highlights the importance of understanding clients beyond the black letter law. His journey shows that strong legal advice is not just about knowing the rules, but about appreciating commercial realities, risk appetite and the human impact behind every decision.
For anyone questioning whether they belong in technology focused areas of law, or wondering how to build confidence in complex, evolving practice areas, Koye’s story shows that you do. With preparation, curiosity and a willingness to keep learning, it is possible to build a career that is both intellectually challenging and genuinely impactful.
🎧 Our podcast episode with Koye will be available soon on Spotify, Apple Podcasts, Amazon Music and Audible. We explore what cyber incidents look like behind the scenes, how lawyers support clients in real time, and the skills needed to thrive in cybersecurity and fintech driven legal practice.
We also discuss secondments, training contracts and why seeing legal work from the client’s perspective can transform the way solicitors deliver advice.
Make sure you are subscribed so you do not miss future episodes.
Until next time, stay curious, stay open minded and keep pursuing the work that inspires you 💡🎙️
Denice Obeng 😊
