In this bulletin we summarise recent updates relating to cybersecurity and data protection in China to keep you updated on developments. We focus on three areas: regulatory developments, enforcement developments, and industry developments. For further detail, please see our update here. Read more

  The Supreme Court in England has two issues to consider in the appeal which opens today. First, should the company be held to be vicariously liable for the acts of its employee in this case? It concerns, after all, a rogue employee, who took payroll data with which he was entrusted home on a … Read more

The Queensland Audit Office has published its findings and recommendations following its audit of cyber security readiness at three Queensland public sector bodies. The audit tested each entity’s cyber security through a variety of mechanisms, assessed the public availability of the entities’ sensitive information and tested the implementation of the Australian Cyber Security Centre’s ‘Top … Read more

The National Cyber Security Centre (“NCSC“) emphasised the need for security by design at the launch of its Annual Review 2019 in London this morning. Many legacy systems are “accidentally insecure”, noted NCSC CEO Ciaran Martin, but now we can see the major trends developing and plan strategically. The Secure by Design Code of Conduct … Read more

Australia’s Department for Home Affairs (“DHA“) has released a discussion paper on Australia’s 2020 Cyber Security Strategy (“Discussion Paper“), updating the inaugural 2016 Cyber Security Strategy. Read more

In July 2019, the UK government published the long-awaited Telecoms Supply Chain Review (available here), setting out its plans to regulate the UK telecoms sector more heavily in order to improve cyber security risk management, policy and enforcement. The Review sets out the concerns about the security and resilience of the UK’s telecoms networks, as … Read more

There are a myriad cybersecurity issues that legal departments must concern themselves with, with proactivity being key to the safety of a business’s information. Speaking recently on a live webcast hosted by Lawyers Weekly — Security breaches: is your firm protected? — Telstra security consultant Keith Kerr said zero-day attacks refer to instances where legal … Read more

On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member … Read more