Cyber Security Practitioner

Volume: 2 Issue: 5
(May 2016)


News

The UK Government’s Department for Culture, Media & Sport (‘DCMS’) published on 8 May 2016 its Cyber Security Breaches Survey 2016 (the ‘Survey’), which found that 65% of large firms had detected a cyber security breach or attack in the last year, and 25% experience them at least once a month. Minister for the Digital Economy Ed Vaizey claimed that there is a “gap between awareness and action” and urged adoption of the Government-backed Cyber Essentials scheme. / read more

The U.S. Government Accountability Office (‘GAO’) released on 25 April 2016 its vehicle cyber security report (‘Report’), which examines key vehicle cyber security vulnerabilities as well as existing practices and technologies available to mitigate the impact of potential attacks. According to the Report, the majority of stakeholders interviewed agreed that wireless attacks, such as those exploiting vehicles’ built-in mobile-calling capabilities, would pose the largest risk to passenger safety, and that ‘such attacks could potentially impact a large number of vehicles and allow an attacker to access targeted vehicles from anywhere in the world.’ / read more

The US Federal Bureau of Investigation (‘FBI’) released a warning for businesses on 29 April 2016 on the rise of ransomware incidents, which provides tips for prevention and business continuity following an attack and states that the FBI does not support the payment of a ransom following an attack. / read more

Data appearing to be credentials for around 117 million LinkedIn accounts - including hashed user passwords - appeared for sale on the dark web on 17 May 2016, leading to the social network invalidating user passwords for accounts it believes to be affected and contacting affected users. / read more

The Financial Times reported on 25 May 2016 that the Bank of England, GCHQ and the UK government are considering plans whereby bank customers may be barred from receiving compensation after suffering fraud, should the individual/company fail to deploy adequate online security. / read more

The European Union Agency for Network and Information Security (‘ENISA’) published on 16 May 2016 its Qualified Website Authentication Certificates Report (‘Report’), which contains recommendations for governments and business and aims to improve the EU website authentication market and increase transparency in the market through qualified website authentication certificates. / read more


Features

Earlier this month the UK Government published the Cyber Security Breaches Survey 2016 (‘Survey’). The Survey draws upon telephone surveys of 1,008 businesses and 30 indepth interviews / read more

Demand for cyber security insurance has grown in the UK over the past few years, but insuring against cyber risk is by no means a simple business; for instance, there are questions around how cyber risk might be assessed and classified. The UK - and other jurisdictions - can look to the US for some lessons, as the development of the US cyber insurance market is much more advanced than the UK. Manoj Vaghela, Partner at Pinsent Masons LLP, discusses these issues and considers what is in store for the UK cyber insurance market over the next few years. / read more

A recent data breach saw the personal data of almost 93.4 million Mexicans exposed online. The breach is of course of note to Mexican citizens, but the nature of the breach - a voters’ list was found in a publicly available database stored on Amazon’s cloud service - raises questions about the use of cloud services, as well as lessons for private sector companies acting as data controllers, as Guillermo E. Larrea, Of Counsel at Jones Day, explains. / read more

On 10 May 2016, District Judge Nina Tempia, sitting at Westminster City Magistrates Court, refused an application by the UK National Crime Agency (‘NCA’) for the Court to use its case management powers to compel disclosure of encryption keys and passwords in relation to hardware seized from Laurie Love, the alleged hacker of FBI and NASA computer systems. / read more

At first sight it might be thought that the practice known as ‘e-discovery’ has a close connection with the investigation of cyber crime. Closer examination indicates that the two disciplines share common features but differ in their purpose. In practice the purposes may not coincide very often. Mark Surguy, Partner at Weightmans, considers the differing nature of e-discovery and cyber crime investigations. / read more

Ukraine unveiled on 15 March 2016 a new Cyber Security Strategy (‘Strategy’), designed to improve its resilience and response to cyber threats, especially in regard to critical infrastructure. Ukraine has a difficult job ahead of it, as currently the country is vulnerable in cyberspace, both at a national level and for individuals online. Mariia Koval of Ilyashev & Partners considers the Strategy’s priorities and its prospects. / read more

Encryption’s importance as a means of protecting personal data has been recognised in numerous pieces of guidance produced by the UK’s Information Commissioner’s Office (‘ICO’). While encryption assists businesses in achieving greater data security, its position in law is uncertain, and numerous factors challenge its availability and efficacy. David Cook of PwC Legal discusses encryption in the context of UK data protection legislation and outlines the challenges to encryption remaining a viable security measure. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed