We have been tracking (yet another) busy month in the world of cyber security. We’ve brought together the top cyber-related news for October, so you don’t have to, including: details of the upcoming webinar on the power of the cyber simulation we are hosting with FTI Consulting and Coveware; cyber-related regulator and government updates and … Read more

Whew! A month is a long time in the cyber world. It has been another busy one. We’ve collated the top cyber-related news media for September, so you don’t have to, including: full details on our 2023 Cyber Risk Survey and our podcast on cyber class action risks; highlights from the AFR Cyber Summit, including … Read more

In August 2023, the UK Government published its 2023 National Risk Register ("the Risk Register"), listing the 89 main publicly-acknowledged risks facing the UK. Cyber-attacks on gas infrastructure, electricity infrastructure, civil nuclear, fuel supply infrastructure, the health and social care system, the transport sector, telecommunications systems and one or more UK retail banks are cited as key risks in the report. Read more

On 26 July 2023, the US Securities and Exchange Commission (the “SEC“) adopted rules requiring registrants to disclose material cybersecurity incidents and certain information regarding their cybersecurity risk management, strategy, and governance. Under the final rules, foreign private issuers (“FPIs“) will be required to furnish on Form 6-K information on material cybersecurity incidents that they … Read more

As the Northern Hemisphere summer draws to a close, we have been tracking another busy month in the world of cyber security. We’ve brought together the top cyber-related news for August, so you don’t have to, including: an update on the fallout of the MOVEit breach, a freeze on bonuses for Medibank executives following its … Read more

On Thursday 25 July 2019, the City of Johannesburg's electricity service provider, City Power, suffered a ransomware attack which encrypted its databases, applications and network. The attack disabled the utility's website and prevented its customers from being able to purchase electricity from the utility which potentially impacted up to a quarter of a million customers. In addition, City Power was delayed from responding to localised blackouts, leaving several suburbs in the dark, as City Power's systems were unable to efficiently detect faults in the entity's distribution system. Read more

The US Securities and Exchange Commission (SEC)'s issue of a Wells Notice to SolarWinds Corporation's former and current executives this summer is a sharp reminder that there can be serious consequences for individuals following cyber security incidents. There is a global trend towards holding senior people within companies personally responsible for cyber security. Individuals can be sanctioned by regulators, find themselves facing action for breach of their fiduciary duties to their companies, and even the target of litigation, including in class actions by investors that name officers or directors as defendants in their individual capacity. Read more

July 2023 has been another busy month in the world of cyber security (yes, another one). This update summarises the top cyber-related news for July, including: regulatory developments such as APRA’s new Operational Risk Management standard, plus new cyber disclosure rules introduced by the U.S. Securities and Exchange Commission; new insights into the rising average … Read more