On 26 July 2023, the US Securities and Exchange Commission (the “SEC“) adopted rules requiring registrants to disclose material cybersecurity incidents and certain information regarding their cybersecurity risk management, strategy, and governance. Under the final rules, foreign private issuers (“FPIs“) will be required to furnish on Form 6-K information on material cybersecurity incidents that they … Read more

As the Northern Hemisphere summer draws to a close, we have been tracking another busy month in the world of cyber security. We’ve brought together the top cyber-related news for August, so you don’t have to, including: an update on the fallout of the MOVEit breach, a freeze on bonuses for Medibank executives following its … Read more

On Thursday 25 July 2019, the City of Johannesburg's electricity service provider, City Power, suffered a ransomware attack which encrypted its databases, applications and network. The attack disabled the utility's website and prevented its customers from being able to purchase electricity from the utility which potentially impacted up to a quarter of a million customers. In addition, City Power was delayed from responding to localised blackouts, leaving several suburbs in the dark, as City Power's systems were unable to efficiently detect faults in the entity's distribution system. Read more

The US Securities and Exchange Commission (SEC)'s issue of a Wells Notice to SolarWinds Corporation's former and current executives this summer is a sharp reminder that there can be serious consequences for individuals following cyber security incidents. There is a global trend towards holding senior people within companies personally responsible for cyber security. Individuals can be sanctioned by regulators, find themselves facing action for breach of their fiduciary duties to their companies, and even the target of litigation, including in class actions by investors that name officers or directors as defendants in their individual capacity. Read more

July 2023 has been another busy month in the world of cyber security (yes, another one). This update summarises the top cyber-related news for July, including: regulatory developments such as APRA’s new Operational Risk Management standard, plus new cyber disclosure rules introduced by the U.S. Securities and Exchange Commission; new insights into the rising average … Read more

In Germany, the Federal Minister of the Interior, Nancy Faeser, considered two amendments to the Constitution as part of an ambitious plan to strengthen cybersecurity across the nation. This followed from calls to strengthen cyber resilience for federal authorities, critical infrastructure and to modernise and expand cybersecurity architecture in Germany. Ms. Faeser noted that cybersecurity threats remained high. German authorities and businesses have been the target of cyberattacks since Russia's war in Ukraine. Disinformation, sabotage and espionage were also identified as critical issues. Read more

It’s been another busy month in the world of cyber security. This update summarises June’s leading cyber and privacy-related news including notable cyber incidents, regulatory developments, new industry research and a few updates from us. News from HSF Media on recent cyber incidents Regulatory and industry news News from HSF HSF Cyber Survey A reminder … Read more