Cyber Security Practitioner

Volume: 1 Issue: 1
(April 2015)


News

The UK Government published a report, ‘UK cyber security: the role of insurance managing and mitigating the risk,’ on 23 March, which evaluates the role insurance can play in helping UK companies reduce cyber security risks, and identifies hindrances including a possible failure by insurers to communicate their value to business leaders in coping with cyber risk, problems with defining what should be covered, and a lack of data to model the risks. / read more

The French data protection authority (CNIL) issued, on 31 March, recommendations regarding the decryption by employers of communications protected by HTTPS. HTTPS encryption is widely implemented as a security method to reduce the risk of data interception but poses an issue for employers as it makes it difficult to monitor the content of employee communications which can lead to accidental and intentional data loss. / read more

Security researchers the Ponemon Institute and software developers Venafi published on 25 March their 2015 Cost of Failed Trust Report, which found that 100% of UK companies whose representatives were interviewed for the Report have responded to multiple cyber attacks on their cryptographic keys and digital certificates over the past two years. The research involved over 2,300 IT security professionals in five countries, including 499 in the UK. / read more


Features

There are only two necessary ingredients within a recipe for a cyber security compensation claims culture. First, would-be claimants need to know that they have been affected by a cyber security breach. Second, the law needs to allow them to recover damages for simple distress. The law is benevolently gifting us these ingredients. All we need are some enterprising lawyers to stir the pot, and then there will be a feeding frenzy. / read more

The conflict between governments’ desire to collect private sector data for the purposes of intelligence gathering and law enforcement, and a company’s wish to safeguard that data has never been more obvious. Dave Clemente, Senior Research Analyst at the Information Security Forum, discusses the evolution of this tension, the legal ambiguities, and the commercial implications of government data collection. / read more

Stewart Room, Global Head of Cyber Security and Data Protection at PwC Legal and Founding Editor of Cyber Security Law & Practice, provides a comprehensive guide to the scope of cyber and data security law. In this first instalment of a two-part article, Stewart breaks down the legal framework governing cyber and data security. / read more

Governments and organisations are putting plenty of resources into cyber security awareness-raising, but there seems to be a relative lack of progress. In this article, Dr. Jessica Barker, a Cyber Security Consultant, asks if the approach being taken in bringing cyber security to the masses is flawed. Jessica questions the current approach to using fear as a method to change behaviour, and argues that the notion of empowerment is not often used in cyber security, but hugely important when seeking to achieve behavioural change. / read more

Raj Roy, Legal Director for Residential Energy at British Gas, sets out the challenges facing the energy sector in managing the competing regulatory priorities, which include the strengthening of the privacy rights of customers, coupled with the enhancement of cyber security requirements, against encouragement by the sector specific regulator for the energy market to step up engagement with customers. / read more

Organisations around the world must be prepared for a landscape of growing cyber security incidents and data breaches. In this article, Alex Pickering, Global Privacy Director at BBC Worldwide, argues that key to any cyber security risk management programme within an organisation is the people - and the creation of an organisational culture that allows for information security compliance is therefore vital. Alex suggests steps to create a continually evolving culture for information security compliance. / read more

In the UK, regulatory guidance and enforcement has helped transform the untamed cyber security environment into a vast but understandable framework that businesses must be aware of. James Witton of PwC Legal LLP describes the regulatory developments relating to cyber data security in the UK as they have appeared over the last year and examines the accompanying enforcement actions. James also briefly addresses the international trends that have emerged in order to highlight the most important implications for all businesses. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed