Cyber Security Practitioner

Volume: 1 Issue: 6
(September 2015)


News

The UK’s Government Communications Headquarters (‘GCHQ’) published on 8 September ‘Password Guidance: Simplifying Your Approach,’ which provides organisations with advice on password policies and represents a change of direction for the agency, recommending a simpler approach to passwords. / read more

The Federal Trade Commission announced, on 24 August, that the US Court of Appeals for the Third Circuit issued their decision in FTC v. Wyndham Worldwide Corporation. The Decision affirms the ruling of the US District Court for the District of New Jersey, which held that the FTC did have authority to bring claims for lax data security practices under Section 5 of the FTC Act. The Decision also affirms that the FTC’s informal guidance on data security can provide companies with fair notice of security practices which the FTC considers reasonable. / read more

The cyber insurance market could grow to $7.5 billion in annual premiums by 2020 and the insurance industry could face competition from disruptors if it does not act fast to innovate, according to a new report ‘Insurance 2020 & beyond: Reaping the dividends of cyber resilience’ issued by PwC on 14 September. / read more


Features

When the little boy pointed his finger at the Emperor to burst his Haute Couture illusions, we learned an important life lesson about the power of flattery and vanity. The naked Emperor had been surrounded by courtiers who knew as a fact that the merchants were selling him thin air, but they were happy to fetter all of their advisory obligations and duties, to flatter and ultimately deceive. Plainly, the Emperor had lost his faculties and was in no position to judge. The crooked merchants simply took advantage, made laughing stocks of the Emperor and the courtiers, while pocketing the loot. / read more

Terry Greer-King, Director of Cyber Security at Cisco UK&I, provides a detailed breakdown of Cisco’s latest Mid-Year Security Report, released in July, and what this tells us about the latest cyber attack trends. Terry then provides his thoughts on the need to adopt a holistic, user-centric approach to security, which includes key steps for businesses to develop an effective cyber security policy. / read more

Most legal commentators find that Software as a Service (‘SaaS’) raises more issues than it solves. You would think from the press in particular that SaaS is a potential minefield of security vulnerabilities wrapped up in a lack of contractual commitments from service providers. But the picture is far from being so clear-cut. Simon Briskman, Partner at FieldFisher, provides a detailed look at the difficulties that compliance requirements cause when adopting SaaS, and the emerging solutions. / read more

Financial services firms, when considering how best to prepare themselves against the threat of cyber crime, have more than one perspective that needs to be considered. Firstly, legal requirements, such as Europe’s forthcoming Network and Information Security (‘NIS’) Directive, need to be considered. Information assurance standards like PCI DSS also need consideration. Finally, there is a need to look at the firm’s own experience with cyber security and the experience of others in the industry. Hans Allnutt, Partner at DAC Beachcroft, Michael Fignon, Manager at Portcullis Computer Security Ltd, and Sandra Cole, UK & International Claims Manager at specialist insurer Beazley, discuss respectively these three perspectives in the context of financial services. / read more

In this article David Cook, Solicitor in the Cyber Security and Data Protection team at PwC Legal LLP analyses the legal hurdles to evidence collection relating to the investigation of a cyber crime, and how to overcome these hurdles in order to ensure that data obtained as part of a cyber investigation does not become compromised. / read more

The Office of the Privacy Commissioner of Canada together with its Alberta and British Columbian counterparts has released guidance on the use of employee-owned devices (‘BYOD’) in private sector organisations. The guidance, ‘Is a Bring Your Own Device (BYOD) Program the Right Choice for Your Organization?’ asks organisations to give serious consideration to their privacy and data security responsibilities before implementing programmes that allow employees to use personal devices for work purposes. Timothy M. Banks, Partner and Canadian leader of the Global Privacy and Data Security Practice at Dentons assesses the detail of the guidance and its shortfalls. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed