Cyber Security Practitioner

Volume: 2 Issue: 9
(September 2016)


News

Ciaran Martin, Chief Executive of the UK’s new National Cyber Security Centre (‘NCSC’), confirmed at a Washington conference on 13 September 2016 that British intelligence agency GCHQ is considering the up-scaling of its DNS filtering to include private internet service providers (‘ISPs’), with the intention of protecting those companies and their customers from malicious attacks, for example from malware attacks; the plan has been referred to in the media as the ‘GCHQ firewall.’ / read more

A Report released by the UK’s National Audit Office (‘NAO’) on ‘Protecting information across government,’ published on 14 September 2016, reveals that the Cabinet Office has not yet established a clear role in coordinating and leading department efforts to protect their information, weakened by the limited information it has on departmental costs, performance and risks. / read more

Philipp Amann, Head of Strategy at Europol’s European Cybercrime Centre (‘EC3’), said in an interview with The Register on 7 September 2016 that a post-Brexit UK will be “cut off from the full intelligence picture,” noting that the UK would not have the same visibility as a full EU Member State as the UK will lack access to certain systems and will lose its role within certain priority-setting governance groups. / read more


Features

Last week was another remarkable one for cyber security breaches. The Yahoo! case concerns the loss of data on 500 million accounts. If each account represents an individual person, we’re talking about a population size roughly equivalent to the entire EU. The other story concerns the World Anti-Doping Agency (‘WADA’), and the work of the hacking group ‘Fancy Bear,’ who have been releasing sensitive personal data on athletes who were subject to the anti-doping programme during the Rio 2016 Olympic Games. Some of Team GB’s Rio Olympics heroes have found themselves the subject of very unwelcome focus as a result of the leaks. / read more

The UK Cyber Security Breaches Survey 2016 commissioned by the Department for Culture, Media and Sport (‘DCMS’) found that 25% of companies experience a cyber breach at least once a month. The Yahoo! data breach is being spoken of as the largest cyber security breach in corporate history with hackers stealing data from 500 million users. At the annual Black Hat USA cyber security conference, warnings were delivered about the security inadequacies of modern Voice over Internet Protocol (‘VoIP’) or unified communications systems which are sometimes overlooked when corporates or individuals assess their cyber attack vulnerabilities. The incorporation of VoIP into a corporate network means that VoIP tends to be another service running over the IP network and is therefore another door through which hackers can gain access to a wider system or underlying infrastructure. Emma Wright, Partner at Kemp Little, looks at the emerging VoIP technology and assesses its legal and cyber security position as well as its business viability in the current market. / read more

On 2 August 2016, Bitfinex - one of the world’s largest digital currency exchanges - was subjected to a hack that resulted in the theft of nearly £60m worth of bitcoin. Adrian Shedden and Lucy Pegler of Burges Salmon explain the impact of the hack on cryptocurrencies. / read more

With cyber insurance policies now more popular than ever - protecting businesses subject to hacks and data breaches and providing comprehensive cover should such events occur - the need to understand the language of these policies and the insurance being purchased is of paramount importance. Margaret A. Reetz, Partner, and Associates Douglas B. Giombarrese and Gregory S. Mantych of Mendes & Mount LLP analyse previous US case law and seek to shed light on policy terms used to cover cyber losses. / read more

A Tribunal recently upheld a UK Information Commissioner’s Office (‘ICO’) fine against TalkTalk following TalkTalk’s 2015 data breach, with the dispute in this case revolving around establishing when TalkTalk effectively ‘became aware of the breach.’ Hazel Grant and Marta Dunphy-Moriel of Fieldfisher LLP analyse the lessons to be learnt for organisations when handling breaches, especially concerning any ensuing interactions with the ICO. / read more

The rapid development of cyberspace has reshaped modern societies but also introduces new forms of threats. As a consequence, nations around the world have produced cyber security strategies1 to educate citizens and to make cyberspace a safer place. However, despite much effort, it seems that cyber security awareness campaigns fail to achieve their objectives and that traditional knowledge transfer alone is not sufficient to positively change behaviours2. / read more

Finding the right balance between business needs and privacy rights is an even more important compliance issue because the General Data Protection Regulation (‘GDPR’) directly and indirectly requires businesses to limit the collection and storage of personal data. In this article, William Long and Vishnu Shankar of Sidley Austin LLP discuss the likely impact of the GDPR on retention and storage of EU-originating personal data. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed