Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInCorporate boards are better at cybersecurity but still need improvement | Security Magazine
This year, Gartner – the world’s leading IT research company – came out with a prediction that upon inspection says a lot about how the highest level of corporate management views cybersecurity risk. It wasn’t that this has become the second-highest source of risk for the enterprise, and could become the riskiest of all. This […]
Regulator vows it ‘will not engage with criminals’ as ransomware response continues | PublicTechnology.net
The Scottish Environment Protection Agency has said it “will not engage with criminals intent on disrupting public services and extorting public funds”, as it continues to deal with a ransomware attack that has been ongoing since Christmas Eve. Some of the information stolen from the environmental regulator has now been published online, but Police Scotland […]
Attribution on Election Cyber-Attacks: Don’t Rush to Judgment
When investigating a cyber-attack, just because you have figured out the what, when and how, does not mean you have figured out the who. No doubt that after Election Day 2020, someone somewhere will allege that some form of cyber-attack compromised the results. Though it may be tempting to round up the usual suspects, don’t take the bait. While countries like […]
Over Half of Indian Companies in India Faced Data Breach Since Implementing Remote Working: Report
Nearly 66 per cent of Indian organisations have had at least one data breach or cybersecurity incident since shifting to a remote working model during the pandemic, a survey by Barracuda Networks said on Thursday. The findings indicated employees in 67 per cent of organisations experienced an increase in email phishing attacks. via Over Half […]
Data Transfer Considerations in Investigations | Investigations and Enforcement Blog
Companies that operate in more than one jurisdiction that are either carrying out an internal investigation or are subject to a criminal or regulatory investigation by U.S. law enforcement agencies will almost certainly need to consider the legality of trans-Atlantic data transfers. Under European law, in particular, companies falling short in compliance with data protection […]
Reasonable and Pragmatic Approach by UK’s ICO to GDPR Compliance during the COVID-19 Pandemic
On March 12, 2020, the Information Commissioner’s Office (ICO), the U.K.’s data protection authority (DPA), published Guidance for data controllers on their data protection compliance obligations during the COVID-19 pandemic. The take-away point is that the ICO will take into account “the compelling public interest in the current health emergency” and will take a “reasonable […]
On data protection, the UK says it will go it alone. It probably won’t. | ZDNet
After the UK left the EU, at the end of January, Prime Minister Boris Johnson said the UK will now look to “develop separate and independent policies” in a number of areas, including data protection. However, in reality the UK is unlikely to stray too far from European rules or risk significant disruption. Currently, the […]
Orrick hires duo from PwC in London cybersecurity swoop – The Global Legal Post
Orrick has boosted its London cybersecurity capability with the hire of Keily Blair and James Lloyd from Big Four accountants PricewaterhouseCoopers (PwC) as partners. Blair, who headed up PwC’s contentious data protection practice, has experience gained at fellow US law firm Morrison & Foerster (MoFo) as well as magic circle law firm Allen & Overy, where […]
Glenn Greenwald Charged With Cybercrimes in Brazil – The New York Times
Federal prosecutors in Brazil on Tuesday charged the American journalist Glenn Greenwald with cybercrimes for his role in bringing to light cellphone messages that have embarrassed prosecutors and tarnished the image of an anticorruption task force. In a criminal complaint made public on Tuesday, prosecutors in the capital, Brasília, accused Mr. Greenwald of being part […]
GDPR: 160,000 data breaches reported already, so expect the big fines to follow | ZDNet
Over 160,000 data-breach notifications have been made to authorities in the 18 months since Europe’s new digital privacy regulation came into force, and the number of breaches and other security incidents being reported is on the rise. Analysis by law firm DLA Piper found that after the General Data Protection Regulation (GDPR) came into force on 25 […]
Hackers steal data for 15 million patients, then sell it back to lab that lost it | Ars Technica
Canada’s biggest provider of specialty laboratory testing services said it paid hackers an undisclosed amount for the return of personal data they stole belonging to as many as 15 million customers. Toronto, Ontario-based LifeLabs Notified Canadian authorities of the attack on November 1. The company said a cyberattack struck computer systems that stored data for […]
On Data Privacy, India Charts Its Own Path – The New York Times
India is poised to pass its first major data protection law, placing new restrictions on how corporations can collect and use information from the country’s 1.3 billion people. The legislation, which is set to be introduced in Parliament this week after more than a year of discussion, builds on Europe’s recently enacted privacy protections that […]
On Data Privacy, India Charts Its Own Path – The New York Times
India is poised to pass its first major data protection law, placing new restrictions on how corporations can collect and use information from the country’s 1.3 billion people. The legislation, which is set to be introduced in Parliament this week after more than a year of discussion, builds on Europe’s recently enacted privacy protections that […]
Canada: “Once More Unto the (Data) Breach”…Looking back at Twelve Months of Mandatory Breach Notifications – Lexology
As described in numerous previous articles over the course of 2019, the past year saw an unprecedented number of breach notifications in Canada. In Europe, under the scrutiny of the General Data Protection Regulations (“GDPR”), there were a whopping 89,200 notifications in the first twelve months of the GDPR coming into force in May 2018. […]
Data breach trends from the first year of the GDPR revealed – TechCentral.ie
Of the 5,818 breach notifications the DPC has received since 25 May 2018, common trends include late notifications; difficulty in assessing risk ratings; failure to communicate the breach to data subjects; repeat breach notifications; and inadequate reporting. Unauthorised disclosure was the main offender; it was behind 83% of all breaches. This can include sending an […]