Cyber Security Practitioner

Volume: 3 Issue: 3
(March 2017)


ENISA published on 27 February 2017 preliminary guidelines for digital service providers (‘DSPs’) intended to support the implementation of the incident notification obligation of the Network and Information Security Directive (‘NIS Directive’). / read more

The UK Government published on 1 March 2017 its Digital Strategy (‘Strategy’), which includes cyber security as one of seven strands. The Strategy draws together numerous UK cyber security initiatives, including the establishment of the National Cyber Security Centre. / read more


Earlier this month I gave evidence to the House of Lords Home Affairs EU Sub-Committee, about the impact of Brexit on data protection matters. Part of the focus of the proceedings was the question of the UK’s adequacy as a ‘third country’ after Brexit. To explain, EU data protection law treats non-EU countries as third countries and unless they gain an EU adequacy finding, flows of personal data from Europe are subject to legal restrictions. / read more

On 1 March 2017, an expansive set of cyber security rules, the Cybersecurity Requirements for Financial Services Companies (‘the Regulations’), came into effect for the financial services sector in New York State. First proposed on 13 September 2016, the initial draft regulations received substantial criticism for their prescriptive approach. F. Paul Greene, Partner at Harter Secrest & Emery LLP, considers the Regulations in detail. / read more

Natalie Donovan and Duncan Blaikie of Slaughter and May take an indepth look at the findings of the Cyber Security Regulation and Incentives Review (‘Review’), released by the Department for Culture, Media and Sport in December 2016, considering why it was conducted and how the introduction of other legislation, such as the General Data Protection Regulation (‘GDPR’), has influenced the Review’s evaluation of the current cyber security regulations in place. / read more

A new draft bill ‘On the Security of Critical Information Infrastructure of the Russian Federation’ (‘Draft Bill’) was presented to the Russian Parliament at the end of last year and was approved at first reading stage in the State Duma on 27 January 2017. This Draft Bill aims to protect critical information infrastructure and imposes requirements on individuals and legal entities who own significant critical information infrastructure facilities, although the Draft Bill is still in its early stages of development. Vyacheslav Khayryuzov, Counsel at Noerr, outlines the reasons for the Draft Bill being put forward at this time, and its requirements. / read more

Wayra - Telefónica’s startup accelerator - began a partnership last year with GCHQ and the UK's Department of Culture, Media and Sport to launch the GCHQ Cyber Accelerator, which aims to work with cyber security startups at the beginning of their journeys. Here, Gary Stewart, Director at Wayra UK, explains how the Cyber Accelerator came to be and its aims and experiences so far, and discusses the Cyber Accelerator’s first cohort. / read more

In late February this year, cloud security company Cloudflare, Inc. reported that a bug had been found in its services, which had led to the wrongful disclosure of data. As Cloudflare is a popular service, reportedly used by sites such as and, the bug caused some concern. Here, Chris James, a Consultant Solicitor, explains why, while the issue itself is likely not serious in its own right, there are some interesting wider implications, and provides some practical steps for in-house lawyers to consider if they believe their organisation might have been affected. / read more

Certain UK and European cases over the past few years have explored the degree of compensation that might be awarded to individuals whose personal data has been used or disclosed without consent, in circumstances where financial loss was never sustained by the affected individuals. In the UK these cases have notably included Vidal-Hall v. Google and TLT v. The Secretary of State for the Home Department. Mark Surguy, Partner at Weightmans, draws upon recent case law to examine the question of how much compensation can be claimed and the routes towards the awarding of such compensation. / read more

About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives

Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed