Cyber Security Practitioner

Volume: 3 Issue: 4
(April 2017)


The UK Commons Select Committee on Exiting the European Union, in its third special report published on 3 April 2017 (‘Committee Report’), has commented upon the impact of the Brexit process on security, including on matters with a bearing on the fight against cyber crime. / read more

The Israeli Parliament’s Constitution, Law and Justice Committee approved on 21 March 2017 the Protection of Privacy (Information Security) Regulation 2016. The Regulation is the result of almost seven years work, and will establish comprehensive obligations on both private and public database owners once approved by the Knesset. / read more


As the clock ticks down to the General Data Protection Regulation (‘GDPR’), it's important that organisations do not overlook the proposed ePrivacy Regulation, which, if all goes to plan, will also come into effect in 2018. The new Regulation will replace the 2002-2009 scheme for publicly available electronic communications services and activities that are provided or performed ‘over the top,’ such as the setting of cookies and certain forms of direct marketing. The ePrivacy Regulation will bring the two data protection regimes much closer together, but there is an important point of distinction that's worth noting for cyber security purposes. However, before getting there, let's remind ourselves of some of the legal history. / read more

Antonis Patrikios and Sabba Mahmood of Fieldfisher discuss the rapidly changing landscape for data protection and data security in Europe and the diverging legal requirements for incident notification coming out of the General Data Protection Regulation ('GDPR') and the Network and Information Systems Directive ('NIS Directive'). Antonis and Sabba also assess the EU Agency for Network and Information Security's (‘ENISA’) recent guidelines on incident notification for digital service providers. / read more

A corporate network breach can have lasting consequences not only for the company’s customers and existing stakeholders, but also for its future acquirers and successors. The reason even a single cyber security incident can be material is by now well understood, and a constant focus of shareholders, boards, lawmakers, regulators, consumer data breach victims, and even international standard setting bodies. Simply put, today’s market leaders across nearly every sector of industry have made their mark through the rapid adoption of technology, coupled with the broad collection, use, and sale of all sorts of data, and lots of it. It comes to follow that today’s mergers and acquisitions (‘M&A’) are saddled with business and legal considerations involving privacy and cyber security that simply did not exist 20 years ago. These considerations are particularly acute for transactions that involve companies with large quantities of sensitive personal data, or whose value materially relies upon the protection of trade secrets; or, in relation to the networks themselves rather than the data that resides on them, companies that operate critical systems or manufacture devices that require high process integrity and guaranteed levels of service availability. Steven R. Chabinsky, Kevin L. Petrasic and Helen Y. Lee of White & Case LLP, provide a detailed breakdown of cyber security due diligence for M&A transactions. / read more

A new Opinion from the Polish Inspector General for Personal Data Protection (‘GIODO’) sets out the regulator’s thoughts on securing electronic mail, which remains one of the primary channels for computer infection and which is thus deserving of substantial attention. The Opinion, which is of note for any organisation considering the issue of email security, discusses measures such as the encryption of transmitted information and encrypted channels of communication, as Agnieszka Besiekierska and Joanna Galajda Associate of Bird & Bird Szepietowski i wspólnicy sp.k. discuss. / read more

Andy Davis, Transport Assurance Practice Director at NCC Group, provides a detailed view of the cyber security risk within the automotive supply chain in the context of connected cars. Andy explains the systems developer mind-set, the concerns stemming from the increased vehicle attack surface associated with connected vehicles, and the need for international standards for connected cars. / read more

Imran Ahmad, Partner and National Leader of the Cybersecurity Law Practice at Miller Thomson LLP, evaluates how the privacy law landscape operates in Canada, how this relates to cyber security, and the new mandatory breach notification requirements being introduced by the Digital Privacy Act, which has significantly amended the Personal Information Protection and Electronic Documents Act (‘PIPEDA’). / read more

About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives

Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed