On 4 November 2019, the UK Government’s Department for Digital, Culture, Media & Sport (“DCMS“) issued the Cyber Security Incentives and Regulation Review 2020: Call for Evidence (the “Review“). The aims of the Review are to: understand the barriers which prevent organisations from improving their cyber security; understand the effectiveness of existing regulations and guidance … Read more

The new Encryption Law, China’s first national law on encryption, was published on 26 October 2019 and will come into force on 1 January 2020. It broadens the current regulatory scope of encryption, liberalises commercial encryption at national-law level and proposes a market-oriented regulatory regime for the commercial encryption industry. Foreign and foreign-invested enterprises are given … Read more

  The Supreme Court in England has two issues to consider in the appeal which opens today. First, should the company be held to be vicariously liable for the acts of its employee in this case? It concerns, after all, a rogue employee, who took payroll data with which he was entrusted home on a … Read more

The Queensland Audit Office has published its findings and recommendations following its audit of cyber security readiness at three Queensland public sector bodies. The audit tested each entity’s cyber security through a variety of mechanisms, assessed the public availability of the entities’ sensitive information and tested the implementation of the Australian Cyber Security Centre’s ‘Top … Read more

The National Cyber Security Centre (“NCSC“) emphasised the need for security by design at the launch of its Annual Review 2019 in London this morning. Many legacy systems are “accidentally insecure”, noted NCSC CEO Ciaran Martin, but now we can see the major trends developing and plan strategically. The Secure by Design Code of Conduct … Read more

Australia’s Department for Home Affairs (“DHA“) has released a discussion paper on Australia’s 2020 Cyber Security Strategy (“Discussion Paper“), updating the inaugural 2016 Cyber Security Strategy. Read more

Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for … Read more

In July 2019, the UK government published the long-awaited Telecoms Supply Chain Review (available here), setting out its plans to regulate the UK telecoms sector more heavily in order to improve cyber security risk management, policy and enforcement. The Review sets out the concerns about the security and resilience of the UK’s telecoms networks, as … Read more