Cyber Security Practitioner

Volume: 1 Issue: 2
(May 2015)


News

The European Commission (EC) published on 28 April its ‘European Agenda on Security,’ a roadmap that identifies cyber crime as a priority area for EU security. The Agenda sets out principles and aims for cooperation and joint action by stakeholders over the next five years, towards an ‘effective and coordinated response at EU level.’ / read more

The US Department of Justice (‘DoJ’) Cybersecurity Unit issued on 29 April new guidance on best practices for companies when preparing for and responding to a cyber incident. The guidance focuses heavily on cyber incident preparedness and the need for companies to implement a comprehensive cyber incident response plan before an attack takes place. / read more

The updated version of Lithuania’s General Requirements on Organisational and Technical Data Security Measures entered into force, on 1 May, following the introduction of the new Lithuanian Law on Cybersecurity in January 2015. The Updated Requirements set out three levels of security measures which apply to different types of data. / read more


Features

Last month’s editorial opined that “there are only two necessary ingredients within a recipe for a cyber security compensation claims culture,” namely (1) transparency after a security breach and (2) an entitlement to compensation for mere distress. The breach disclosure reforms within the EU General Data Protection Regulation and the Cyber Security Directive will provide the first ingredient. The Google v. Vidal-Hall judgment provides the second, although the case is now on its way to the Supreme Court, so we have to wait a while longer before we can be certain of where the law places the bar to compensation. / read more

Phil Cobley, Digital Forensics Manager in the Cyber Crime Unit of Bedfordshire Police, provides an insight into how UK policing has adapted to try to deal with the ever-growing threat of cyber crime. In doing so, Phil describes the initiatives the Police have implemented over the past few years in reaction to the threat, but also highlights where considerable challenges remain, and crucially how businesses can collaborate with the Police in order to more effectively combat cyber crime. / read more

Online sales figures from major UK retailers made for impressive reading during the 2014 Christmas period. Sainsbury’s announced that it delivered over 110,000 online orders in the week before Christmas, while Tesco saw its online clothing sales grow by a massive 52.4% in the six week run up. Even luxury brand Fortnum and Mason logged a 31% jump in online sales during the five weeks prior to Christmas1. One of the key lessons we have learnt from our US experience is that a dramatic increase in online sales - not to mention the rapid rise of online data storage system use across multiple industries - comes with an equally dramatic increase in data breach risk. / read more

Regardless of the target of a malware incursion by cyber criminals, social engineering plays a part in many such attacks, with the attacker coercing the victim into taking an action, such as revealing a password, that will facilitate the malware infection. Raj Samani, VP, EMEA Chief Technical Officer at McAfee, explains the role of social engineering in these attacks and the steps businesses can take to protect themselves. / read more

In the second installment of a two-part article which aims to provide a comprehensive guide to the scope of cyber and data security law, Stewart Room, Global Head of Cyber Security and Data Protection at PwC Legal and Founding Editor of Cyber Security Law & Practice, provides a detailed list of priorities that must be addressed in order to operationalise data and cyber security throughout an organisation in accordance with the legal and regulatory requirements. / read more

A cyber security data breach or an electronic investigation typically involves some form of electronic data discovery (‘e-discovery’). Although e-discovery tools and technology have advanced, there are some prevailing challenges in investigating, collecting, accessing and storing data for any global organisation that is investigating a case that involves personal data that is physically situated in either the US or the EU. The challenge of running a cross border investigation is particularly difficult to overcome when dealing with US and Europe cross border transfers and the way in which the respective legal systems view personal data. Steve Wright, Chief Privacy Officer at Unilever, in this article highlights some of the key conflicts that organisations confront when dealing with cross border e-discovery. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed