Cyber Security Practitioner

Volume: 2 Issue: 1
(January 2016)


US President Barack Obama signed into law the Cybersecurity Act (the ‘Act’ or ‘CISA’) on 18 December; its primary aim is to encourage the voluntary sharing of cyber security threat information by organisations, by removing legal uncertainty and tackling concerns over liability. / read more

Affinity Gaming, a US casino operator, filed a lawsuit in the US District Court in Nevada on 24 December, alleging that cyber security company Trustwave failed to contain a data breach that it had been hired to remedy, that Trustwave’s claims that the breach was contained were untrue and that the investigation carried out by Trustwave was “woefully inadequate.” / read more

The EU Agency for Network and Information Security (‘ENISA’) released two documents regarding Smart Cities and Intelligent Public Transport (‘IPT’) on 12 January to provide cyber security best practices for IPT operators, as well as recommendations for measures to protect system security. “The fusion of cyber technology, physical infrastructures and mass transport vehicles [...] has the effect of introducing cyber security risks into transport networks that have not historically been susceptible,” notes ENISA. / read more


The full range of implications resulting from last year’s political agreements on the Network and Information Security Directive and the General Data Protection Regulation will take years to work out, but some are already indisputable: the trajectory for entities is one of more disputes and litigation and the law will be most troublesome in the area of cyber and data security. / read more

Political agreement has been reached on a new EU regime imposing cyber security requirements and incident notification obligations on operators of essential services together with digital service providers. Rob Sumroy and Natalie Donovan of Slaughter and May discuss the requirements set out in the Network and Information Security (‘NIS’) Directive (the ‘Directive’). / read more

On 16 December, the EU Agency for Network and Information Security (‘ENISA’) published its findings on approaches adopted across the EU in relation to cyber security information sharing (‘IS’). The report investigated practices in six sectors whose proper functioning was identified by the Impact Assessment of the NIS Directive as key to preserving the correct functioning of the internal market. The sectors identified were: energy, transport, health, finance and banking, internet services and public administration. Infrastructure in these sectors was found to be particularly vulnerable to cyber attack due to their dependence on network and information systems. / read more

To protect against cyber crime, governments may consider further legislation - adding to the considerable array of laws affecting the internet that already exist in places such as the UK - as one method of fighting back. Here, Mike Gillespie and Chris Cope of Advent IM, an independent information and physical security company specialising in consultancy and training, discuss what that new legislation could do, but also query whether there are alternatives to introducing further legislation, and whether other stakeholders beyond national governments should step up to strengthen cyber security. / read more

It was confirmed on 15 December that the European Parliament, Council and Commission representatives have reached political agreement on the drafting of the new EU data protection framework. Europe’s newly agreed General Data Protection Regulation (‘GDPR’) will have a significant impact on large online companies. In reaction to this momentous development, Philip James and Eitan Jankelewitz of Sheridans discuss the requirements included in the agreed text and advise organisations to start making the necessary preparations now or risk losing their competitive advantage. / read more

Alistair Hogarth, Partner at PwC Legal LLP, discusses legal due diligence in a cyber risk context, the difficult questions posed, and how sale and purchase agreements may only be part of the solution now. / read more

In the second half of a two-part article, Stephen Ward of cyber threat intelligence company iSIGHT Partners analyses the key trends and areas of concern in cyber security seen in 2015 and provides an outlook on what cyber threats will dominate in 2016. / read more

About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives

Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed