Cyber Security Practitioner

Volume: 3 Issue: 7
(July 2017)


Singapore’s Ministry of Communications and Information and the Cyber Security Agency (‘CSA’) of Singapore published on 10 July 2017 a proposed Cybersecurity Bill for public consultation, which is intended to establish a framework for the oversight and maintenance of national cyber security and empower the CSA to carry out its functions, as well as minimise the risk of cyber threats. The proposed Bill has four objectives: to provide a framework for the regulation of critical information infrastructure (‘CII’), to provide the CSA with powers to manage and respond to cyber threats and incidents, to establish a framework for the sharing of cyber security information, and to introduce a ‘lighter-touch’ licensing process for the regulation of selected cyber security service providers, which would include licensing the provision of penetration testing and managed security operations centre services. / read more


If you’ve been exposed to a GDPR fear sell, as many people have, you might be worried about a torrent of very heavy financial penalties being doled out by the European Data Protection Authorities (‘DPAs’) next summer. / read more

As various sectors continue to rapidly develop technologically and become more reliant on information technology (‘IT’) and operational technology (‘OT’) systems, the cyber threats to these sectors become increasingly varied and complex. Andy Wall, Head of Cyber Security at Atkins Global, provides insight into how these sectors intersect and what approach should be taken to improve their cyber defences. / read more

In May 2017, the European Banking Authority (‘EBA’) published its Final Report on Guidelines on ICT Risk Assessment under the Supervisory Review and Evaluation Process (‘SREP’). Publication of the Guidelines to help supervisors assess ICT risk management in banks is certainly a timely development, as cyber or IT related incidents garner more headlines - notably with the WannaCry attack and the BA ICT service outage - as Andrew Moir and Cat Dankos of Herbert Smith Freehills explain. / read more

With the intention of tackling rising cyber threats, members of the African Union have adopted the African Union Convention on Cyber Security and Personal Data Protection, which has led to the drafting of the Internet Infrastructure Security Guidelines for Africa. This set of guidelines aims to create a pan-African, multi-stakeholder approach to cyber security, taking into account the particular circumstances of African nations, such as the different levels of cyber security awareness. Joăo Luís Traça and Pedro Marques Gaspar of Miranda Law Firm detail the approach of the guidelines and the challenges to improving cyber security across Africa. / read more

Following an incident in which a large number of Korean websites were hit by a ransomware attack, the Korea Communications Commission (‘KCC’) has now taken steps to enhance the cyber security preparedness of online operators. According to the KCC’s research 2,496 online business operators have been transmitting personal data without encryption, and as such the KCC has issued such business with administrative guidance on server security. Keun Woo Lee, Partner at Yoon & Yang, describes the vulnerabilities facing online operators and looks at the steps the KCC is taking to strengthen online operators’ cyber security, which includes taking a tougher stance on online operators cyber security going forward. / read more

A recent agreement signed between Australia and Singapore which will see the two countries work together to address cyber risks could be a blueprint for similar collaborations across the globe. Bryan Tan, Partner at Pinsent Masons, provides insight into this cyber security partnership and the context behind it. / read more

The German Parliament passed amendments to the German Criminal Procedure Code (‘GCPC’) on 7 July 2017 in an effort to improve criminal prosecution in light of the use of technology. ‘The Act for more effective and practicable design of criminal procedure’ contains amendments to the GCPC to simplify and accelerate criminal procedures, which includes new powers for the public prosecutor, based on a court order, to introduce inquisitive software tools (so-called ‘government Trojans’) for telecommunications surveillance (Section 100a GCPC) and new powers to carry out online searches including on mobile devices (Section 100b GCPC) without informing the suspect. In such a context, the public prosecutor may if necessary circumvent encryption technologies embedded in the telecommunication technology and/or related devices of the suspects. Cyber Security Practitioner spoke to Dr Alexander Duisberg, Partner at Bird & Bird, about the amendments and the possible implications for cyber security. / read more

About Cyber Security Practitioner:

Cyber Security Practitioner, the most recently launched monthly publication from Cecile Park Media, provides a multi-disciplinary view on the cyber security challenges facing global businesses and delivers insight into operational change. It covers cyber security regulation, data breach, data security, cyber risk, cyber crime, ethical hacking, privacy and data protection, cyber infrastructure, technical solutions, risk management, information assurance, security standards, liability, consumer protection, ransomware and other cyber threats, cyber insurance... /read more

Search Publication Archives

Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed