Cyber Security Practitioner

Volume: 3 Issue: 12
(December 2017)


News

The UK Government published a policy paper on 30 November 2017 entitled ‘Interim cyber security science and technology strategy: future-proofing cyber security,’ in which the Government aims to identify developing areas of technology that will impact cyber security, develop initial policy responses to such areas, and assess whether the Government’s standard of response to cyber security science and technology developments is sufficient. / read more


Features

This month’s High Court decision on employers’ vicarious liability for personal data breaches was described by an old friend as “the worst Christmas present that business could get.” Scanning across the social media landscape, it seems that many share my friend’s perspective. / read more

The G-7 countries’ Cyber Expert Group has published guidance dealing with cyber security in the financial sector, namely the ‘Fundamental Elements of Cybersecurity for the Financial Sector’ and in October 2017, the ‘G-7 Fundamental Elements for Effective Assessment of Cybersecurity in the Financial Sector.’ Craig Rogers and Michael Bahar of Eversheds Sutherland discuss these guidelines before assessing the shape of cyber security requirements for the financial sector in each of the G-7 countries. / read more

Justin Tivey and Jonathan Drake, of Womble Bond Dickinson LLP, assess the UK’s developing cyber insurance market in the context of the changing regulatory landscape and assess the possible benefits and risks associated with the proposal to share data breach information between insurers and the ICO. / read more

Reports of nation states influencing the results of foreign elections via the internet are fast becoming commonplace. For several years commentators have been reporting practices ranging from the defacing of campaign websites and accessing of opponents’ donor databases, to the hacking of vote counting machines and smartphones, the creation of clone webpages, the sending of mass emails and texts and the use of automated bots to control activity on social media. Annabelle Gold-Caution of Fieldfisher analyses the impact of targeted social and technical influence on recent significant political events across the globe, comparing state responses to fake news, social media propaganda and cyber espionage. / read more

One of the fallouts from the recent significant data breach at consumer credit reporting agency Equifax has been that a spotlight has been placed on the implications from a cyber security perspective of using open source software, since the attack leading to the Equifax breach was achieved through a vulnerability in the Apache Struts open source web framework, enabling the perpetrators to access the databases that sit behind Equifax’s website. Chris Pace, Technology Advocate at threat intelligence provider Recorded Future, explores in this article why many organisations use open source software and how such software may be exploited, and explains what organisations can do to lessen the risks. / read more

The UK’s National Audit Office (‘NAO’) published a full report entitled ‘Investigation: WannaCry cyber attack and the NHS’ (the ‘Report’) on 27 October 2017, which looked to investigate the context, causes and result of the ransomware attack WannaCry on the NHS. Dan Hyde, Partner at Penningtons Manches LLP, discusses the findings of the Report and the lessons the NHS and the Department of Health (‘DoH’) must learn from WannaCry. / read more

Professor Kevin Hammond, Professor of Computer Science at the University of St Andrews, details here a new initiative he is leading, the Scottish Informatics and Computer Science Alliance (‘SICSA’) Cyber Nexus, which will look to focus efforts by Scottish universities on cyber security and cyber resilience, in partnership with government and industry. Professor Hammond describes the various components of the SICSA Cyber Nexus, including the themed events and workshops being organised, and details the initiative’s aims. / read more


About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed