The National Cyber Security Centre (“NCSC“) emphasised the need for security by design at the launch of its Annual Review 2019 in London this morning. Many legacy systems are “accidentally insecure”, noted NCSC CEO Ciaran Martin, but now we can see the major trends developing and plan strategically. The Secure by Design Code of Conduct … Read more
Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for … Read more
Last week, the Department for Digital, Culture, Media & Sport issued a Call for Views on the certification scheme currently anticipated by Regulation (EU) 2019/881 (the Cybersecurity Act) after Brexit. The closing date for responses is 15 October. In the issued document, the UK Government proposes to maintain “a close relationship with the EU on … Read more
In our last report on the California Consumer Privacy Act (“CCPA“), which expands the rights that California residents have with respect to their personal information, we advised that the state’s Attorney General (“CA AG“) had commenced a series of public forums as it prepares regulations expected to implement the CCPA and establish compliance regimens for … Read more
On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member … Read more
