Cyber and Data Security Notes

British Airways Data Breach: ICO announces potential £183 million ‘mega fine’

The ICO has published a notice of its intent to fine British Airways £183.39 million for its 2018 data breach where the personal data of 500,000 …

Zero-day attacks, red teaming and other cyber concerns

There are a myriad cybersecurity issues that legal departments must concern themselves with, with proactivity being key to the safety of a business’s …

Guideline on cyber security for Hong Kong authorised insurers will come into effect on 1 January 2020

In June 2019, the Hong Kong Insurance Authority published its Guideline on Cybersecurity (GL 20) for authorised insurers, which will take effect on 1 …

EU Regulation on cyber security now in force

IOSCO publishes final report of Cyber Task Force

On 18 June 2019, the International Organisation of Securities Commissions ("IOSCO") published the final report of its Cyber Task Force ("CTF"). The …

US Department of Defense recognises cyber security as allowable contractor cost

Reflecting recognition of the critical nature of cybersecurity concerns and precautions, the US Department of Defense ("DoD") has announced that certain …

UK Government publishes new cyber security guidance for businesses

The cyber security guidance for business published jointly by the Department for Digital, Culture, Media & Sport, the Cabinet Office …

US FTC continues Facebook privacy and competition probes

The US FTC continues its investigations of Facebook relating to both privacy and competition issues. The FTC has undertaken several investigations of …

EU adopts new sanctions framework targeting external cyber attacks

On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU …

Proposals for federal privacy-related legislation continue

In the US, efforts have continued to establish a comprehensive national privacy law, to replace the current patchwork approach undertaken on a state and …

Joint Committee advice on ICT risk management and cyber security in the financial sector

On 8 March 2018, the European Commission published its FinTech Action Plan with the aim of encouraging the European Supervisory Authorities ("ESAs") to …